Ga naar inhoud
  • 0

Toolbar moet weg, opstarten gaat niet goed, Panda weg soms


anoniem

Vraag

Hallo, daar ben ik weer eens op jullie goede forum. Ik heb hulp nodig denk ik! (laptop Compaq Pressario, met XP en GP12, MozillaFirefox) E.e.a. gaat toch weer niet goed met mijn laptop. Er is iets fout gegaan of ik heb iets fout gedaan. Dat weet ik niet, maar mijn problemen zijn: 1) Het opstarten duurt heel lang en niet alles start goed op, er blijven programma's hangen bij t opstarten lijkt wel, waardoor er foutmeldingen komen en ik opnieuw moet rebooten. (TPSrv.exe is daar eentje van). De ventilator gaat heel hard draaien en CPU is hoog +/- 95%. 2) Daarnaast heb ik een toolbar van vuze in mijn MozillaFirefox die ik niet wil, die is er bij een update opgekomen, terwijl ik toch echt het vinkje weg had gehaald bij de installatie van de update...?! En die krijg ik nu niet meer weg. 3) Daarnaast floept het Panda hoofdje soms ineens van mijn scherm weg en als ik dan via configuratie via de beveiliging Panda open, staat er alles in rood van bedreiging en dat ik het moet oplossen...? Meestal op die button van 'oplossen' klikken en na 2 of 3x zegt ie rebooten. Daarna is het weer even goed. 4) Ook Adobe geeft telkens een mislukte update aan. Heb dit al een paar keer handmatig dan via de site gedaan, maar dan geeft een schermpje aan dat deze al is geinstalleerd... Zo geeft de Plugincheck bij MozillaFirefox aan dat het okay is, zo staat er updaten ineens. Dit al een paar dagen. (install_flashplayer10_chra_aih). Dus weer een kreet om hulp van mij. MBAM geeft geen besmetting en Panda ook niet als ik die scan. HiJackThisLog hieronder. HJT-log: [hjt] Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:23:20, on 24-9-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal [b:47bfb8d893]Running processes:[/b:47bfb8d893] [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]smss.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]winlogon.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]services.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]lsass.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]svchost.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]svchost.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\[/color:47bfb8d893][color=blue:47bfb8d893]tpsrv.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\[/color:47bfb8d893][color=blue:47bfb8d893]webproxy.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]spoolsv.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\common files\arcsoft\connection service\bin\[/color:47bfb8d893][color=blue:47bfb8d893]acservice.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\windows\ehome\[/color:47bfb8d893][color=blue:47bfb8d893]ehrecvr.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\windows\ehome\[/color:47bfb8d893][color=blue:47bfb8d893]ehsched.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]svchost.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\java\jre6\bin\[/color:47bfb8d893][color=blue:47bfb8d893]jqs.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\common files\lightscribe\[/color:47bfb8d893][color=blue:47bfb8d893]lssrvc.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\microsoft sql server\mssql\binn\[/color:47bfb8d893][color=blue:47bfb8d893]sqlservr.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]svchost.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]nvsvc32.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\[/color:47bfb8d893][color=blue:47bfb8d893]psctrls.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\[/color:47bfb8d893][color=blue:47bfb8d893]pavfnsvr.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\common files\panda security\pavshld\[/color:47bfb8d893][color=blue:47bfb8d893]pavprsrv.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]svchost.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\firewall\[/color:47bfb8d893][color=blue:47bfb8d893]pshost.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\[/color:47bfb8d893][color=blue:47bfb8d893]psimsvc.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\[/color:47bfb8d893][color=blue:47bfb8d893]psksvc.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\hewlett-packard\shared\[/color:47bfb8d893][color=blue:47bfb8d893]hpqwmiex.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\windows\[/color:47bfb8d893][color=blue:47bfb8d893]explorer.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\[/color:47bfb8d893][color=blue:47bfb8d893]pavsrvx86.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\[/color:47bfb8d893][color=blue:47bfb8d893]avengine.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\windows\ehome\[/color:47bfb8d893][color=blue:47bfb8d893]ehtray.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\hpq\hp wireless assistant\[/color:47bfb8d893][color=blue:47bfb8d893]hp wireless assistant.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\synaptics\syntp\[/color:47bfb8d893][color=blue:47bfb8d893]syntpenh.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\hp\quickplay\[/color:47bfb8d893][color=blue:47bfb8d893]qpservice.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\hp\hp software update\[/color:47bfb8d893][color=blue:47bfb8d893]hpwuschd2.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\common files\arcsoft\connection service\bin\[/color:47bfb8d893][color=blue:47bfb8d893]acdaemon.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\[/color:47bfb8d893][color=blue:47bfb8d893]apvxdwin.exe[/color:47bfb8d893] c:\program files\common files\arcsoft\connection service\bin\arccon.ac [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]ctfmon.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\windows media player\[/color:47bfb8d893][color=blue:47bfb8d893]wmpnscfg.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\microsoft sql server\80\tools\binn\[/color:47bfb8d893][color=blue:47bfb8d893]sqlmangr.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\arcsoft\totalmedia 3.5\[/color:47bfb8d893][color=blue:47bfb8d893]tmmonitor.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\hp\digital imaging\bin\[/color:47bfb8d893][color=blue:47bfb8d893]hpqimzone.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]dllhost.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\windows\ehome\[/color:47bfb8d893][color=blue:47bfb8d893]ehmsas.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\[/color:47bfb8d893][color=blue:47bfb8d893]srvload.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\[/color:47bfb8d893][color=blue:47bfb8d893]pavbckpt.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\windows\system32\wbem\[/color:47bfb8d893][color=blue:47bfb8d893]wmiapsrv.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\[/color:47bfb8d893][color=blue:47bfb8d893]iface.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]svchost.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\documents and settings\user\mijn documenten\[/color:47bfb8d893][color=blue:47bfb8d893]snagit32.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\mozilla firefox\[/color:47bfb8d893][color=blue:47bfb8d893]firefox.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\mozilla firefox\[/color:47bfb8d893][color=blue:47bfb8d893]plugin-container.exe[/color:47bfb8d893] [color=teal:47bfb8d893]c:\program files\trend micro\hijackthis\[/color:47bfb8d893][color=blue:47bfb8d893]hijackthis.exe[/color:47bfb8d893] [color=silver:47bfb8d893]r0 -[/color:47bfb8d893] [color=brown:47bfb8d893]hkcu\software\microsoft\internet explorer\main[/color:47bfb8d893],start page = [u:47bfb8d893][noparse]http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1205961512&rver=4.5.2130.0&wp=mbi&wreply=http:%2f%2fmail.live.com%2fdefault.aspx&id=64855[/noparse][/u:47bfb8d893] [color=silver:47bfb8d893]r1 -[/color:47bfb8d893] [color=brown:47bfb8d893]hklm\software\microsoft\internet explorer\main[/color:47bfb8d893],default_page_url = [u:47bfb8d893][noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse][/u:47bfb8d893] [color=silver:47bfb8d893]r1 -[/color:47bfb8d893] [color=brown:47bfb8d893]hklm\software\microsoft\internet explorer\main[/color:47bfb8d893],default_search_url = [u:47bfb8d893][noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse][/u:47bfb8d893] [color=silver:47bfb8d893]r1 -[/color:47bfb8d893] [color=brown:47bfb8d893]hklm\software\microsoft\internet explorer\main[/color:47bfb8d893],search page = [u:47bfb8d893][noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse][/u:47bfb8d893] [color=silver:47bfb8d893]r0 -[/color:47bfb8d893] [color=brown:47bfb8d893]hklm\software\microsoft\internet explorer\main[/color:47bfb8d893],start page = [u:47bfb8d893][noparse]http://www.troner.net/[/noparse][/u:47bfb8d893] [color=silver:47bfb8d893]r0 -[/color:47bfb8d893] [color=brown:47bfb8d893]hkcu\software\microsoft\internet explorer\toolbar[/color:47bfb8d893],linksfoldername = koppelingen [color=silver:47bfb8d893]o2 -[/color:47bfb8d893] [color=brown:47bfb8d893]bho[/color:47bfb8d893]: acroiehelperstub - [color=orange:47bfb8d893]{18df081c-e8ad-4283-a596-fa578c2ebdc3}[/color:47bfb8d893] - [color=teal:47bfb8d893]c:\program files\common files\adobe\acrobat\activex\[/color:47bfb8d893][color=blue:47bfb8d893]acroiehelpershim.dll[/color:47bfb8d893] [color=silver:47bfb8d893]o2 -[/color:47bfb8d893] [color=brown:47bfb8d893]bho[/color:47bfb8d893]: skypeiepluginbho - [color=orange:47bfb8d893]{ae805869-2e5c-4ed4-8f7b-f1f7851a4497}[/color:47bfb8d893] - [color=teal:47bfb8d893]c:\program files\skype\toolbars\internet explorer\[/color:47bfb8d893][color=blue:47bfb8d893]skypeieplugin.dll[/color:47bfb8d893] [color=silver:47bfb8d893]o2 -[/color:47bfb8d893] [color=brown:47bfb8d893]bho[/color:47bfb8d893]: java(tm) plug-in 2 ssv helper - [color=orange:47bfb8d893]{dbc80044-a445-435b-bc74-9c25c1c588a9}[/color:47bfb8d893] - [color=teal:47bfb8d893]c:\program files\java\jre6\bin\[/color:47bfb8d893][color=blue:47bfb8d893]jp2ssv.dll[/color:47bfb8d893] [color=silver:47bfb8d893]o2 -[/color:47bfb8d893] [color=brown:47bfb8d893]bho[/color:47bfb8d893]: jqsiestartdetectorimpl - [color=orange:47bfb8d893]{e7e6f031-17ce-4c07-bc86-eabfe594f69c}[/color:47bfb8d893] - [color=teal:47bfb8d893]c:\program files\java\jre6\lib\deploy\jqs\ie\[/color:47bfb8d893][color=blue:47bfb8d893]jqs_plugin.dll[/color:47bfb8d893] [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hklm\..\run[/color:47bfb8d893]: [b:47bfb8d893][ehtray][/b:47bfb8d893] [color=teal:47bfb8d893]c:\windows\ehome\[/color:47bfb8d893][color=blue:47bfb8d893]ehtray.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hklm\..\run[/color:47bfb8d893]: [b:47bfb8d893][hpwirelessassistant][/b:47bfb8d893] [color=teal:47bfb8d893]c:\program files\hpq\hp wireless assistant\[/color:47bfb8d893][color=blue:47bfb8d893]hp wireless assistant.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hklm\..\run[/color:47bfb8d893]: [b:47bfb8d893][high definition audio property page shortcut][/b:47bfb8d893] chdaudpropshortcut.exe [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hklm\..\run[/color:47bfb8d893]: [b:47bfb8d893][syntpenh][/b:47bfb8d893] [color=teal:47bfb8d893]c:\program files\synaptics\syntp\[/color:47bfb8d893][color=blue:47bfb8d893]syntpenh.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hklm\..\run[/color:47bfb8d893]: [b:47bfb8d893][qpservice][/b:47bfb8d893] [color=teal:47bfb8d893]c:\program files\hp\quickplay\[/color:47bfb8d893][color=blue:47bfb8d893]qpservice.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hklm\..\run[/color:47bfb8d893]: [b:47bfb8d893][cpqset][/b:47bfb8d893] [color=teal:47bfb8d893]c:\program files\hewlett-packard\default settings\[/color:47bfb8d893][color=blue:47bfb8d893]cpqset.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hklm\..\run[/color:47bfb8d893]: [b:47bfb8d893][recguard][/b:47bfb8d893] [color=teal:47bfb8d893]c:\windows\sminst\[/color:47bfb8d893][color=blue:47bfb8d893]recguard.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hklm\..\run[/color:47bfb8d893]: [b:47bfb8d893][hp software update][/b:47bfb8d893] [color=teal:47bfb8d893]c:\program files\hp\hp software update\[/color:47bfb8d893][color=blue:47bfb8d893]hpwuschd2.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hklm\..\run[/color:47bfb8d893]: [b:47bfb8d893][arcsoft connection service][/b:47bfb8d893] [color=teal:47bfb8d893]c:\program files\common files\arcsoft\connection service\bin\[/color:47bfb8d893][color=blue:47bfb8d893]acdaemon.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hklm\..\run[/color:47bfb8d893]: [b:47bfb8d893][nvcpldaemon][/b:47bfb8d893] rundll32.exe [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]nvcpl.dll[/color:47bfb8d893],nvstartup [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hklm\..\run[/color:47bfb8d893]: [b:47bfb8d893][nvmediacenter][/b:47bfb8d893] rundll32.exe [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]nvmctray.dll[/color:47bfb8d893],nvtaskbarinit [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hklm\..\run[/color:47bfb8d893]: [b:47bfb8d893][nwiz][/b:47bfb8d893] nwiz.exe /installquiet /nodetect [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hklm\..\run[/color:47bfb8d893]: [b:47bfb8d893][quicktime task][/b:47bfb8d893] [color=teal:47bfb8d893]c:\program files\quicktime\[/color:47bfb8d893][color=blue:47bfb8d893]qttask.exe[/color:47bfb8d893] -atboottime [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hklm\..\run[/color:47bfb8d893]: [b:47bfb8d893][adobe arm][/b:47bfb8d893] [color=teal:47bfb8d893]c:\program files\common files\adobe\arm\1.0\[/color:47bfb8d893][color=blue:47bfb8d893]adobearm.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hklm\..\run[/color:47bfb8d893]: [b:47bfb8d893][apvxdwin][/b:47bfb8d893] [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\[/color:47bfb8d893][color=blue:47bfb8d893]apvxdwin.exe[/color:47bfb8d893] /s [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hklm\..\run[/color:47bfb8d893]: [b:47bfb8d893][scaninicio][/b:47bfb8d893] [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\[/color:47bfb8d893][color=blue:47bfb8d893]inicio.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hkcu\..\run[/color:47bfb8d893]: [b:47bfb8d893][skype][/b:47bfb8d893] [color=teal:47bfb8d893]c:\program files\skype\\phone\[/color:47bfb8d893][color=blue:47bfb8d893]skype.exe[/color:47bfb8d893] /nosplash /minimized [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hkcu\..\run[/color:47bfb8d893]: [b:47bfb8d893][ctfmon.exe][/b:47bfb8d893] [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]ctfmon.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hkcu\..\run[/color:47bfb8d893]: [b:47bfb8d893][wmpnscfg][/b:47bfb8d893] [color=teal:47bfb8d893]c:\program files\windows media player\[/color:47bfb8d893][color=blue:47bfb8d893]wmpnscfg.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hkus\s-1-5-18\..\run[/color:47bfb8d893]: [b:47bfb8d893][ctfmon.exe][/b:47bfb8d893] [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]ctfmon.exe[/color:47bfb8d893] (user 'system') [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]hkus\.default\..\run[/color:47bfb8d893]: [b:47bfb8d893][ctfmon.exe][/b:47bfb8d893] [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]ctfmon.exe[/color:47bfb8d893] (user 'default user') [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]global startup[/color:47bfb8d893]: hp photosmart premier snelstart.lnk = [color=teal:47bfb8d893]c:\program files\hp\digital imaging\bin\[/color:47bfb8d893][color=blue:47bfb8d893]hpqthb08.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]global startup[/color:47bfb8d893]: microsoft office.lnk = [color=teal:47bfb8d893]c:\program files\microsoft office\office10\[/color:47bfb8d893][color=blue:47bfb8d893]osa.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]global startup[/color:47bfb8d893]: service manager.lnk = [color=teal:47bfb8d893]c:\program files\microsoft sql server\80\tools\binn\[/color:47bfb8d893][color=blue:47bfb8d893]sqlmangr.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o4 -[/color:47bfb8d893] [color=brown:47bfb8d893]global startup[/color:47bfb8d893]: tmmonitor.lnk = [color=teal:47bfb8d893]c:\program files\arcsoft\totalmedia 3.5\[/color:47bfb8d893][color=blue:47bfb8d893]tmmonitor.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o8 -[/color:47bfb8d893] [color=brown:47bfb8d893]extra context menu item[/color:47bfb8d893]: e&xport to microsoft excel - res://[color=teal:47bfb8d893]c:\progra~1\micros~2\office10\[/color:47bfb8d893][color=blue:47bfb8d893]excel.exe[/color:47bfb8d893]/3000 [color=silver:47bfb8d893]o8 -[/color:47bfb8d893] [color=brown:47bfb8d893]extra context menu item[/color:47bfb8d893]: google sidewiki... - res://[color=teal:47bfb8d893]c:\program files\google\google toolbar\component\[/color:47bfb8d893][color=blue:47bfb8d893]googletoolbardynamic_mui_en_7461b1589e8b4fb7.dll[/color:47bfb8d893]/cmsidewiki.html [color=silver:47bfb8d893]o9 -[/color:47bfb8d893] [color=brown:47bfb8d893]extra button[/color:47bfb8d893]: skype add-on for internet explorer - [color=orange:47bfb8d893]{898ea8c8-e7ff-479b-8935-aec46303b9e5}[/color:47bfb8d893] - [color=teal:47bfb8d893]c:\program files\skype\toolbars\internet explorer\[/color:47bfb8d893][color=blue:47bfb8d893]skypeieplugin.dll[/color:47bfb8d893] [color=silver:47bfb8d893]o9 -[/color:47bfb8d893] [color=brown:47bfb8d893]extra 'tools' menuitem[/color:47bfb8d893]: skype add-on for internet explorer - [color=orange:47bfb8d893]{898ea8c8-e7ff-479b-8935-aec46303b9e5}[/color:47bfb8d893] - [color=teal:47bfb8d893]c:\program files\skype\toolbars\internet explorer\[/color:47bfb8d893][color=blue:47bfb8d893]skypeieplugin.dll[/color:47bfb8d893] [color=silver:47bfb8d893]o9 -[/color:47bfb8d893] [color=brown:47bfb8d893]extra button[/color:47bfb8d893]: (no name) - [color=orange:47bfb8d893]{e2e2dd38-d088-4134-82b7-f2ba38496583}[/color:47bfb8d893] - [color=teal:47bfb8d893]c:\windows\network diagnostic\[/color:47bfb8d893][color=blue:47bfb8d893]xpnetdiag.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o9 -[/color:47bfb8d893] [color=brown:47bfb8d893]extra 'tools' menuitem[/color:47bfb8d893]: @xpsp3res.dll,-20001 - [color=orange:47bfb8d893]{e2e2dd38-d088-4134-82b7-f2ba38496583}[/color:47bfb8d893] - [color=teal:47bfb8d893]c:\windows\network diagnostic\[/color:47bfb8d893][color=blue:47bfb8d893]xpnetdiag.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o9 -[/color:47bfb8d893] [color=brown:47bfb8d893]extra button[/color:47bfb8d893]: messenger - [color=orange:47bfb8d893]{fb5f1910-f110-11d2-bb9e-00c04f795683}[/color:47bfb8d893] - [color=teal:47bfb8d893]c:\program files\messenger\[/color:47bfb8d893][color=blue:47bfb8d893]msmsgs.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o9 -[/color:47bfb8d893] [color=brown:47bfb8d893]extra 'tools' menuitem[/color:47bfb8d893]: windows messenger - [color=orange:47bfb8d893]{fb5f1910-f110-11d2-bb9e-00c04f795683}[/color:47bfb8d893] - [color=teal:47bfb8d893]c:\program files\messenger\[/color:47bfb8d893][color=blue:47bfb8d893]msmsgs.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o14 -[/color:47bfb8d893] [color=brown:47bfb8d893]iereset.inf[/color:47bfb8d893]: start_page_url=[u:47bfb8d893][noparse]http://ie.redirect.hp.com/svs/rdr?type=3&tp=iehome&locale=nl_nl&c=64&bd=pavilion&pf=laptop[/noparse][/u:47bfb8d893] [color=silver:47bfb8d893]o16 -[/color:47bfb8d893] [color=brown:47bfb8d893]dpf[/color:47bfb8d893]: [color=orange:47bfb8d893]{17492023-c23a-453e-a040-c7c580bbf700}[/color:47bfb8d893] (windows genuine advantage validation tool) - [u:47bfb8d893][noparse]http://go.microsoft.com/fwlink/?linkid=39204[/noparse][/u:47bfb8d893] [color=silver:47bfb8d893]o16 -[/color:47bfb8d893] [color=brown:47bfb8d893]dpf[/color:47bfb8d893]: [color=orange:47bfb8d893]{4f1e5b1a-2a80-42ca-8532-2d05cb959537}[/color:47bfb8d893] (msn photo upload tool) - [u:47bfb8d893][noparse]http://gfx1.hotmail.com/mail/w3/pr01/resources/msnpupld.cab[/noparse][/u:47bfb8d893] [color=silver:47bfb8d893]o16 -[/color:47bfb8d893] [color=brown:47bfb8d893]dpf[/color:47bfb8d893]: [color=orange:47bfb8d893]{7530bfb8-7293-4d34-9923-61a11451afc5}[/color:47bfb8d893] (onlinescanner control) - [u:47bfb8d893][noparse]http://download.eset.com/special/eos-beta/onlinescanner.cab[/noparse][/u:47bfb8d893] [color=silver:47bfb8d893]o16 -[/color:47bfb8d893] [color=brown:47bfb8d893]dpf[/color:47bfb8d893]: [color=orange:47bfb8d893]{d27cdb6e-ae6d-11cf-96b8-444553540000}[/color:47bfb8d893] (shockwave flash object) - [u:47bfb8d893][noparse]http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab[/noparse][/u:47bfb8d893] [color=silver:47bfb8d893]o16 -[/color:47bfb8d893] [color=brown:47bfb8d893]dpf[/color:47bfb8d893]: [color=orange:47bfb8d893]{e2883e8f-472f-4fb0-9522-ac9bf37916a7}[/color:47bfb8d893] - [u:47bfb8d893][noparse]http://platformdl.adobe.com/nos/getplusplus/1.6/gp.cab[/noparse][/u:47bfb8d893] [color=silver:47bfb8d893]o16 -[/color:47bfb8d893] [color=brown:47bfb8d893]dpf[/color:47bfb8d893]: [color=orange:47bfb8d893]{e77f23eb-e7ab-4502-8f37-247dbaf1a147}[/color:47bfb8d893] (windows live hotmail photo upload tool) - [u:47bfb8d893][noparse]http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/msnpupld.cab[/noparse][/u:47bfb8d893] [color=silver:47bfb8d893]o18 -[/color:47bfb8d893] [color=brown:47bfb8d893]protocol[/color:47bfb8d893]: skype-ie-addon-data - [color=orange:47bfb8d893]{91774881-d725-4e58-b298-07617b9b86a8}[/color:47bfb8d893] - [color=teal:47bfb8d893]c:\program files\skype\toolbars\internet explorer\[/color:47bfb8d893][color=blue:47bfb8d893]skypeieplugin.dll[/color:47bfb8d893] [color=silver:47bfb8d893]o18 -[/color:47bfb8d893] [color=brown:47bfb8d893]protocol[/color:47bfb8d893]: skype4com - [color=orange:47bfb8d893]{ffc8b962-9b40-4dff-9458-1830c7dd7f5d}[/color:47bfb8d893] - [color=teal:47bfb8d893]c:\progra~1\common~1\skype\[/color:47bfb8d893][color=blue:47bfb8d893]skype4~1.dll[/color:47bfb8d893] [color=silver:47bfb8d893]o22 -[/color:47bfb8d893] [color=brown:47bfb8d893]sharedtaskscheduler[/color:47bfb8d893]: preloader van browseui - [color=orange:47bfb8d893]{438755c2-a8ba-11d1-b96b-00a0c90312e1}[/color:47bfb8d893] - [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]browseui.dll[/color:47bfb8d893] [color=silver:47bfb8d893]o22 -[/color:47bfb8d893] [color=brown:47bfb8d893]sharedtaskscheduler[/color:47bfb8d893]: cache-daemon voor onderdeelcategorieën - [color=orange:47bfb8d893]{8c7461ef-2b13-11d2-be35-3078302c2030}[/color:47bfb8d893] - [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]browseui.dll[/color:47bfb8d893] [color=silver:47bfb8d893]o23 -[/color:47bfb8d893] [color=brown:47bfb8d893]service[/color:47bfb8d893]: arcsoft connect daemon (acdaemon) - arcsoft inc. - [color=teal:47bfb8d893]c:\program files\common files\arcsoft\connection service\bin\[/color:47bfb8d893][color=blue:47bfb8d893]acservice.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o23 -[/color:47bfb8d893] [color=brown:47bfb8d893]service[/color:47bfb8d893]: addfiltr - hewlett-packard development company, l.p. - [color=teal:47bfb8d893]c:\program files\hewlett-packard\hp quick launch buttons\[/color:47bfb8d893][color=blue:47bfb8d893]addfiltr.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o23 -[/color:47bfb8d893] [color=brown:47bfb8d893]service[/color:47bfb8d893]: google updateservice (gupdate) (gupdate) - google inc. - [color=teal:47bfb8d893]c:\program files\google\update\[/color:47bfb8d893][color=blue:47bfb8d893]googleupdate.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o23 -[/color:47bfb8d893] [color=brown:47bfb8d893]service[/color:47bfb8d893]: google update-service (gupdatem) (gupdatem) - google inc. - [color=teal:47bfb8d893]c:\program files\google\update\[/color:47bfb8d893][color=blue:47bfb8d893]googleupdate.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o23 -[/color:47bfb8d893] [color=brown:47bfb8d893]service[/color:47bfb8d893]: hpqwmiex - hewlett-packard development company, l.p. - [color=teal:47bfb8d893]c:\program files\hewlett-packard\shared\[/color:47bfb8d893][color=blue:47bfb8d893]hpqwmiex.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o23 -[/color:47bfb8d893] [color=brown:47bfb8d893]service[/color:47bfb8d893]: installdriver table manager (idrivert) - macrovision corporation - [color=teal:47bfb8d893]c:\program files\common files\installshield\driver\1050\intel 32\[/color:47bfb8d893][color=blue:47bfb8d893]idrivert.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o23 -[/color:47bfb8d893] [color=brown:47bfb8d893]service[/color:47bfb8d893]: java quick starter (javaquickstarterservice) - sun microsystems, inc. - [color=teal:47bfb8d893]c:\program files\java\jre6\bin\[/color:47bfb8d893][color=blue:47bfb8d893]jqs.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o23 -[/color:47bfb8d893] [color=brown:47bfb8d893]service[/color:47bfb8d893]: lightscribeservice direct disc labeling service (lightscribeservice) - hewlett-packard company - [color=teal:47bfb8d893]c:\program files\common files\lightscribe\[/color:47bfb8d893][color=blue:47bfb8d893]lssrvc.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o23 -[/color:47bfb8d893] [color=brown:47bfb8d893]service[/color:47bfb8d893]: nvidia display driver service (nvsvc) - nvidia corporation - [color=teal:47bfb8d893]c:\windows\system32\[/color:47bfb8d893][color=blue:47bfb8d893]nvsvc32.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o23 -[/color:47bfb8d893] [color=brown:47bfb8d893]service[/color:47bfb8d893]: panda software controller - panda security, s.l. - [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\[/color:47bfb8d893][color=blue:47bfb8d893]psctrls.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o23 -[/color:47bfb8d893] [color=brown:47bfb8d893]service[/color:47bfb8d893]: panda function service (pavfnsvr) - unknown owner - [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\[/color:47bfb8d893][color=blue:47bfb8d893]pavfnsvr.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o23 -[/color:47bfb8d893] [color=brown:47bfb8d893]service[/color:47bfb8d893]: panda process protection service (pavprsrv) - unknown owner - [color=teal:47bfb8d893]c:\program files\common files\panda security\pavshld\[/color:47bfb8d893][color=blue:47bfb8d893]pavprsrv.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o23 -[/color:47bfb8d893] [color=brown:47bfb8d893]service[/color:47bfb8d893]: panda on-access anti-malware service (pavsrv) - panda security, s.l. - [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\[/color:47bfb8d893][color=blue:47bfb8d893]pavsrvx86.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o23 -[/color:47bfb8d893] [color=brown:47bfb8d893]service[/color:47bfb8d893]: panda host service (pshost) - unknown owner - [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\firewall\[/color:47bfb8d893][color=blue:47bfb8d893]pshost.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o23 -[/color:47bfb8d893] [color=brown:47bfb8d893]service[/color:47bfb8d893]: panda imanager service (psimsvc) - panda security s.l. - [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\[/color:47bfb8d893][color=blue:47bfb8d893]psimsvc.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o23 -[/color:47bfb8d893] [color=brown:47bfb8d893]service[/color:47bfb8d893]: panda psk service (psksvcretail) - panda security, s.l. - [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\[/color:47bfb8d893][color=blue:47bfb8d893]psksvc.exe[/color:47bfb8d893] [color=silver:47bfb8d893]o23 -[/color:47bfb8d893] [color=brown:47bfb8d893]service[/color:47bfb8d893]: panda tpsrv (tpsrv) - panda security, s.l. - [color=teal:47bfb8d893]c:\program files\panda security\panda global protection 2012\[/color:47bfb8d893][color=blue:47bfb8d893]tpsrv.exe[/color:47bfb8d893] -- end of file - 11517 bytes [/hjt] Alvast dank!
Link naar reactie
  • Antwoorden 132
  • Aangemaakt
  • Laatste reactie

Beste reacties voor deze vraag

  • anoniem

    133

Aanbevolen berichten

  • 0
Hoi Holly, de kleurcodeerder hoef jij niet meer te gebruiken hoor, die gebruik ik in principe alleen op het NCF! We gaan meteen maar diep in jouw Windows kijken: [b:274e0a1718]Welk programma[/b:274e0a1718]: ComboFix [b:274e0a1718]Waarvoor/waarom[/b:274e0a1718]: Zeer specialistische scanner om Windows diepgaand te onderzoeken en zo mogelijk op te schonen. [b:274e0a1718]Moeilijkheidsgraad[/b:274e0a1718]: Min of meer lastige voorbereidingsfase, dus lees alles eerst goed. [b:274e0a1718]Downloadlokatie[/b:274e0a1718]: Dit programma absoluut naar het bureaublad downloaden! [b:274e0a1718]Download ComboFix via één van deze locaties[/b:274e0a1718]: [list:274e0a1718][*:274e0a1718][url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe][b:274e0a1718]Bleepingcomputer[/b:274e0a1718][/url] [*:274e0a1718][url=http://www.forospyware.com/sUBs/ComboFix.exe][b:274e0a1718]ForoSpyware[/b:274e0a1718][/url] [*:274e0a1718][url=http://subs.geekstogo.com/ComboFix.exe][b:274e0a1718]Geekstogo[/b:274e0a1718][/url][/list:u:274e0a1718] [url=http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden][b:274e0a1718]Hier[/b:274e0a1718][/url] zie je hoe je ComboFix moet gebruiken. Antivirusprogramma en actieve malwarescanners dienen al voor de ComboFix start gedeaktiveert zijn! [url=http://www.bleepingcomputer.com/forums/topic114351.html][b:274e0a1718]Hier[/b:274e0a1718][/url] en [url=http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html][b:274e0a1718]hier[/b:274e0a1718][/url] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren. [b:274e0a1718]Voor alle duidelijkheid nogmaals[/b:274e0a1718]: ComboFix dient vanaf het bureaublad gestart te worden. [b:274e0a1718]Opmerkingen[/b:274e0a1718]: [list:274e0a1718][*:274e0a1718] Bij gebruik van Windows XP zal er mogelijk gevraagd worden, om de "Recovery Console" te installeren! Sta dit dan toe (hiervoor is een actieve internet verbinding vereist). [*:274e0a1718]Vista- en Windows 7 gebruikers starten Combofix op via rechtsklik met Administratorrechten. [*:274e0a1718]Alle openstaande programma's en webpagina's dienen afgesloten te zijn.[/list:u:274e0a1718] [b:274e0a1718]ComboFix is opgestart[/b:274e0a1718]: [list:274e0a1718][*:274e0a1718]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"! [*:274e0a1718]Combofix sluit tijdens de scan de internet verbinding – probeer deze tussentijds niet te herstellen! [*:274e0a1718]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal. [*:274e0a1718]Wanneer ComboFix gereed is, zal het het een logbestand voor je maken. [*:274e0a1718]Post de inhoud van dit logbestand in je volgende bericht. [*:274e0a1718]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:274e0a1718] [b:274e0a1718]Belangrijke opmerking[/b:274e0a1718]: [list:274e0a1718][*:274e0a1718][b:274e0a1718][color=Red:274e0a1718]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:274e0a1718][/b:274e0a1718] [*:274e0a1718][b:274e0a1718][color=blue:274e0a1718]Illegal operation attempted on a registery key that has been marked for deletion.[/color:274e0a1718][/b:274e0a1718] [*:274e0a1718][b:274e0a1718][color=Red:274e0a1718]Start dan de computer opnieuw op.[/color:274e0a1718][/b:274e0a1718][/list:u:274e0a1718]
Link naar reactie
  • 0
Hallo Abraham54, ... t lukt niet zo best... :cry: op bureaublad combofix gedownload internet uitgezet antivirus uitgeschakeld automatische updates van windows uit combofix gestart en schermpjes doorlopen, ging grotendeels vanzelf...tot laatste stukje, ruim 7,5 uur gewacht, dat leek me niet goed, omdat er stond ergens dat het niet zo lang zou duren... ben dus rond 13:35 begonnen, net pc uitgezet en opnieuw opgestart, was bang dat ie t niet meer zou doen omdat er iets stond dat Windows kon bevriezen. Ook stond er dat het even kon duren, maar dit was wel heel lang mijns inziens. Alles ging vrij snel, schermpjes met al die nummers, denk +/- 20 min, maar toen het blauwe scherm kwam met: "even geduld, Windows wordt opnieuw opgestart..." dat heeft dus ruim 7,5 uur geduurd, Wat is er misgegaan? Of wellicht: heb ik iets verkeerd gedaan? :oops: groetjes Holly
Link naar reactie
  • 0
Heel vreemd allemaal. Doe onderstaande nu eerst: [color=#FF0000:d1b08efe05][b:d1b08efe05]Stap •1•[/b:d1b08efe05][/color:d1b08efe05] [[b:d1b08efe05]Welk programma[/b:d1b08efe05]: Kaspersky [b:d1b08efe05]TDSSKiller[/b:d1b08efe05] [b:d1b08efe05]Waarvoor/waarom[/b:d1b08efe05]: Rootkitscanner [b:d1b08efe05]Moeilijkheidsgraad[/b:d1b08efe05]: geen [b:d1b08efe05]Downloadlokatie[/b:d1b08efe05]: Dit programma absoluut naar het bureaublad downloaden of anders daar naar toe verplaatsen! [b:d1b08efe05]Download[/b:d1b08efe05] [b:d1b08efe05]TDSSKiller[/b:d1b08efe05] [url=http://support.kaspersky.com/downloads/utils/tdsskiller.zip][b:d1b08efe05]hier[/b:d1b08efe05][/url]. [b:d1b08efe05]Installatie[/b:d1b08efe05]: [list:d1b08efe05][*:d1b08efe05] pak het bestand uit op je bureaublad.[/list:u:d1b08efe05] [b:d1b08efe05]TDSSKiller gebruiken[/b:d1b08efe05]: [list:d1b08efe05][*:d1b08efe05]Windows 2000 en Windows XP: start "TDSSKiller" middels dubbelklik op TDSSKiller.exe. [*:d1b08efe05]Windows Vista en Windows 7: start "TDSSKiller" middels rechtsklik op TDSSKiller.exe en dan kiezen voor [b:d1b08efe05]Als Administrator uitvoeren[/b:d1b08efe05]. [*:d1b08efe05]Idien TDSSKiller met een bericht komt over een beschikbare update, dan voer je deze eerst uit.[/list:u:d1b08efe05] [img:d1b08efe05]http://www.imgdumper.nl/uploads4/4dc1d6438f791/4dc1d6438d897-TDSSKiller_2011-05-05_00-26-21.jpg[/img:d1b08efe05] [list:d1b08efe05][*:d1b08efe05]Klik vervolgens op de knop [b:d1b08efe05]"Start Scan"[/b:d1b08efe05] en volg de instructies. [*:d1b08efe05] Nadat de scan klaar is klik je op de knop [b:d1b08efe05]"Report"[/b:d1b08efe05]. [*:d1b08efe05]Er opent een kladblokbestand. Post de inhoud van dit bestand. [list:d1b08efe05][*:d1b08efe05][b:d1b08efe05]Herstart de pc indien TDSSKiller die optie aangeeft (Reboot now).[/b:d1b08efe05] [*:d1b08efe05]Wanneer het opnieuw opstarten noodzakelijk is, vind je de logfile in [b:d1b08efe05]C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt[/b:d1b08efe05][/list:u:d1b08efe05][/list:u:d1b08efe05] [color=#FF0000:d1b08efe05][b:d1b08efe05]Stap •2•[/b:d1b08efe05][/color:d1b08efe05] [b:d1b08efe05]Welk programma[/b:d1b08efe05]: "aswMBR.exe' [b:d1b08efe05]Waarvoor/waarom[/b:d1b08efe05]: MBR-Rootkitscanner [b:d1b08efe05]Moeilijkheidsgraad[/b:d1b08efe05]: geen [b:d1b08efe05]Downloadlokatie[/b:d1b08efe05]: Dit programma absoluut naar het bureaublad downloaden of anders daar naar toe verplaatsen! [b:d1b08efe05]Download[/b:d1b08efe05] [b:d1b08efe05]aswMBR.exe[/b:d1b08efe05] [url=http://public.avast.com/~gmerek/aswMBR.exe][b:d1b08efe05]hier[/b:d1b08efe05][/url]. [b:d1b08efe05]aswMBR.exe gebruiken[/b:d1b08efe05]: [list:d1b08efe05][*:d1b08efe05]Windows 2000 en Windows XP: start "aswMBR.exe" middels dubbelklik op "aswMBR.exe". [*:d1b08efe05]Windows Vista en Windows 7: start "aswMBR.exe" middels rechtsklik op "aswMBR.exe" en kies jij voor [b:d1b08efe05]Als Administrator uitvoeren[/b:d1b08efe05].[/list:u:d1b08efe05] [img:d1b08efe05]http://www.imgdumper.nl/uploads4/4db3f87694fe9/4db3f87693886-aswmbrscan.gif[/img:d1b08efe05] [list:d1b08efe05][*:d1b08efe05] Klik nu in het zwarte scherm op de knop [b:d1b08efe05]Scan[/b:d1b08efe05] [*:d1b08efe05] Als de melding "Scan finished successfully" komt, klik dan vervolgens op de knop [b:d1b08efe05]Save log[/b:d1b08efe05][/list:u:d1b08efe05] [img:d1b08efe05]http://www.imgdumper.nl/uploads4/4db3f8e71343a/4db3f8e71288d-aswmbrsavelog.gif[/img:d1b08efe05] [list:d1b08efe05][*:d1b08efe05] Het makkelijkst is het, als opslaglokatie voor het log gewoon het bureaublad te kiezen. [*:d1b08efe05] Tevens vindt je nu op het bureaublad ook het bestand [b:d1b08efe05]MBR.dat[/b:d1b08efe05]! [*:d1b08efe05] [b:d1b08efe05]MBR.dat[/b:d1b08efe05] is een backupbestand, bewaar dat dus voorlopig. [*:d1b08efe05] Ook op het bureaublad staat een kladbloktekst-document genaamd [b:d1b08efe05]aswMBR.txt[/b:d1b08efe05] [*:d1b08efe05] Post de inhoud van [b:d1b08efe05]aswMBR.txt[/b:d1b08efe05] in jouw volgende bericht.[/list:u:d1b08efe05] [color=#FF0000:d1b08efe05][b:d1b08efe05]Stap •3•[/b:d1b08efe05][/color:d1b08efe05] [b:d1b08efe05]Samenvattend: hierna post je in jouw volgende bericht de inhoud van de volgende logs:[/b:d1b08efe05] [list:d1b08efe05][*:d1b08efe05] TDSSKiller-log [*:d1b08efe05] aswMBR.txt-log [/list:u:d1b08efe05]
Link naar reactie
  • 0
Hallo Abraham54, gisteravond na mijn post nogmaals een poging gedaan met de combofix, maar tot vanmorgen stond er nog: ' Windows wordt herstart . . . geduld aub' De logs: 11:16:52.0062 5928 TDSS rootkit removing tool 2.6.0.0 Sep 23 2011 07:42:37 11:16:54.0078 5928 ============================================================ 11:16:54.0078 5928 Current date / time: 2011/09/25 11:16:54.0078 11:16:54.0078 5928 SystemInfo: 11:16:54.0078 5928 11:16:54.0078 5928 OS Version: 5.1.2600 ServicePack: 3.0 11:16:54.0078 5928 Product type: Workstation 11:16:54.0078 5928 ComputerName: YOUR-D9E2434D81 11:16:54.0078 5928 UserName: user 11:16:54.0078 5928 Windows directory: C:\WINDOWS 11:16:54.0078 5928 System windows directory: C:\WINDOWS 11:16:54.0078 5928 Processor architecture: Intel x86 11:16:54.0078 5928 Number of processors: 2 11:16:54.0078 5928 Page size: 0x1000 11:16:54.0078 5928 Boot type: Normal boot 11:16:54.0078 5928 ============================================================ 11:16:54.0812 5928 Initialize success 11:17:05.0859 3668 ============================================================ 11:17:05.0859 3668 Scan started 11:17:05.0859 3668 Mode: Manual; 11:17:05.0859 3668 ============================================================ 11:17:06.0500 3668 Abiosdsk - ok 11:17:06.0546 3668 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS 11:17:06.0562 3668 abp480n5 - ok 11:17:06.0609 3668 ACPI (02273a448ba21a7d447daeb47810d40c) C:\WINDOWS\system32\DRIVERS\ACPI.sys 11:17:06.0609 3668 ACPI - ok 11:17:06.0640 3668 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 11:17:06.0640 3668 ACPIEC - ok 11:17:06.0687 3668 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys 11:17:06.0687 3668 adpu160m - ok 11:17:06.0718 3668 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 11:17:06.0734 3668 aec - ok 11:17:06.0781 3668 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\WINDOWS\system32\drivers\Afc.sys 11:17:06.0781 3668 Afc - ok 11:17:06.0875 3668 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys 11:17:06.0890 3668 AFD - ok 11:17:06.0921 3668 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys 11:17:06.0921 3668 agp440 - ok 11:17:06.0953 3668 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys 11:17:06.0968 3668 agpCPQ - ok 11:17:07.0000 3668 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys 11:17:07.0000 3668 Aha154x - ok 11:17:07.0031 3668 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys 11:17:07.0031 3668 aic78u2 - ok 11:17:07.0062 3668 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys 11:17:07.0062 3668 aic78xx - ok 11:17:07.0125 3668 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys 11:17:07.0125 3668 AliIde - ok 11:17:07.0234 3668 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys 11:17:07.0234 3668 alim1541 - ok 11:17:07.0281 3668 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys 11:17:07.0281 3668 amdagp - ok 11:17:07.0343 3668 AmdK8 (0a4d13b388c814560bd69c3a496ecfa8) C:\WINDOWS\system32\DRIVERS\AmdK8.sys 11:17:07.0343 3668 AmdK8 - ok 11:17:07.0390 3668 AmFSM (ef9dd27aa5a3baaf2fd2b44c08a3e622) C:\WINDOWS\system32\DRIVERS\amm8651.sys 11:17:07.0390 3668 AmFSM - ok 11:17:07.0437 3668 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys 11:17:07.0437 3668 amsint - ok 11:17:07.0484 3668 APPFLT (6b467e791ec470d010bd50e5e98bf467) C:\WINDOWS\system32\Drivers\APPFLT.SYS 11:17:07.0484 3668 APPFLT - ok 11:17:07.0609 3668 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 11:17:07.0609 3668 Arp1394 - ok 11:17:07.0640 3668 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys 11:17:07.0656 3668 asc - ok 11:17:07.0687 3668 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys 11:17:07.0687 3668 asc3350p - ok 11:17:07.0718 3668 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys 11:17:07.0718 3668 asc3550 - ok 11:17:07.0781 3668 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 11:17:07.0781 3668 AsyncMac - ok 11:17:07.0812 3668 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 11:17:07.0828 3668 atapi - ok 11:17:07.0843 3668 Atdisk - ok 11:17:07.0875 3668 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 11:17:07.0890 3668 Atmarpc - ok 11:17:07.0937 3668 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 11:17:07.0937 3668 audstub - ok 11:17:08.0000 3668 AvFlt - ok 11:17:08.0078 3668 BCM43XX (114234fafec7060392195170e1c4d45e) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys 11:17:08.0078 3668 BCM43XX - ok 11:17:08.0109 3668 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 11:17:08.0109 3668 Beep - ok 11:17:08.0203 3668 catchme - ok 11:17:08.0265 3668 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys 11:17:08.0265 3668 cbidf - ok 11:17:08.0343 3668 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 11:17:08.0343 3668 cbidf2k - ok 11:17:08.0421 3668 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 11:17:08.0437 3668 CCDECODE - ok 11:17:08.0468 3668 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys 11:17:08.0468 3668 cd20xrnt - ok 11:17:08.0500 3668 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 11:17:08.0500 3668 Cdaudio - ok 11:17:08.0546 3668 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 11:17:08.0546 3668 Cdfs - ok 11:17:08.0593 3668 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 11:17:08.0593 3668 Cdrom - ok 11:17:08.0609 3668 Changer - ok 11:17:08.0687 3668 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys 11:17:08.0687 3668 CmBatt - ok 11:17:08.0812 3668 CmdIde (026ba1f2d9c9f742ec3823d0214cd67c) C:\WINDOWS\system32\DRIVERS\cmdide.sys 11:17:08.0812 3668 CmdIde - ok 11:17:08.0890 3668 ComFiltr (d9c33e68f61f27d8206f65b0190dc5cf) C:\WINDOWS\system32\DRIVERS\COMFiltr.sys 11:17:08.0890 3668 ComFiltr - ok 11:17:08.0984 3668 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys 11:17:08.0984 3668 Compbatt - ok 11:17:09.0281 3668 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys 11:17:09.0296 3668 Cpqarray - ok 11:17:09.0359 3668 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys 11:17:09.0359 3668 dac2w2k - ok 11:17:09.0406 3668 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys 11:17:09.0406 3668 dac960nt - ok 11:17:09.0484 3668 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 11:17:09.0484 3668 Disk - ok 11:17:09.0750 3668 dmboot (dec123e0c75971d0cc7a6c6a75e28429) C:\WINDOWS\system32\drivers\dmboot.sys 11:17:09.0765 3668 dmboot - ok 11:17:09.0875 3668 dmio (7268e66259722f6228c730685b201092) C:\WINDOWS\system32\drivers\dmio.sys 11:17:09.0875 3668 dmio - ok 11:17:09.0968 3668 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 11:17:09.0968 3668 dmload - ok 11:17:10.0046 3668 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 11:17:10.0046 3668 DMusic - ok 11:17:10.0093 3668 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys 11:17:10.0093 3668 dpti2o - ok 11:17:10.0109 3668 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 11:17:10.0125 3668 drmkaud - ok 11:17:10.0171 3668 DSAFLT (5bb0f91ffd84057d094d106d9ff53298) C:\WINDOWS\system32\Drivers\DSAFLT.SYS 11:17:10.0171 3668 DSAFLT - ok 11:17:10.0218 3668 eabfiltr (b5cb3084046146fd2587d8c9b219feb4) C:\WINDOWS\system32\DRIVERS\eabfiltr.sys 11:17:10.0218 3668 eabfiltr - ok 11:17:10.0281 3668 eabusb (231f4547ae1e4b3e60eca66c3a96d218) C:\WINDOWS\system32\DRIVERS\eabusb.sys 11:17:10.0281 3668 eabusb - ok 11:17:10.0359 3668 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 11:17:10.0375 3668 Fastfat - ok 11:17:10.0500 3668 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys 11:17:10.0500 3668 Fdc - ok 11:17:10.0531 3668 Fips (8bfffb5ac954e19dfdb96d56512aa518) C:\WINDOWS\system32\drivers\Fips.sys 11:17:10.0531 3668 Fips - ok 11:17:10.0562 3668 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 11:17:10.0562 3668 Flpydisk - ok 11:17:10.0609 3668 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 11:17:10.0625 3668 FltMgr - ok 11:17:10.0671 3668 FNETMON (a38b9ba7a4c17f7dce9ec4e8f7870026) C:\WINDOWS\system32\Drivers\fnetmon.SYS 11:17:10.0671 3668 FNETMON - ok 11:17:10.0703 3668 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 11:17:10.0703 3668 Fs_Rec - ok 11:17:10.0750 3668 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 11:17:10.0750 3668 Ftdisk - ok 11:17:10.0843 3668 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 11:17:10.0843 3668 Gpc - ok 11:17:10.0906 3668 HBtnKey (4d4d97671c63c3af869b3518e6054204) C:\WINDOWS\system32\DRIVERS\cpqbttn.sys 11:17:10.0906 3668 HBtnKey - ok 11:17:11.0031 3668 HdAudAddService (4905d28aa09f63e6a2f4e93ed6dd7d19) C:\WINDOWS\system32\drivers\CHDAud.sys 11:17:11.0031 3668 HdAudAddService - ok 11:17:11.0156 3668 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 11:17:11.0156 3668 HDAudBus - ok 11:17:11.0218 3668 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 11:17:11.0218 3668 HidUsb - ok 11:17:11.0265 3668 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys 11:17:11.0265 3668 hpn - ok 11:17:11.0343 3668 HSFHWAZL (448c0fd272fe1b80046f4767db21eb8d) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys 11:17:11.0359 3668 HSFHWAZL - ok 11:17:11.0421 3668 HSF_DPV (2715a27de9c17bdbaf6d6c79989a7b12) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys 11:17:11.0453 3668 HSF_DPV - ok 11:17:11.0578 3668 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 11:17:11.0593 3668 HTTP - ok 11:17:11.0625 3668 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys 11:17:11.0640 3668 i2omgmt - ok 11:17:11.0671 3668 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys 11:17:11.0671 3668 i2omp - ok 11:17:11.0703 3668 i8042prt (c43372d0682f8e32e4ec21117e089ec0) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 11:17:11.0703 3668 i8042prt - ok 11:17:11.0781 3668 iaStor (309c4d86d989fb1fcf64bd30dc81c51b) C:\WINDOWS\system32\DRIVERS\iaStor.sys 11:17:11.0796 3668 iaStor - ok 11:17:11.0921 3668 IDSFLT (c4e887cf7ba2d3624233231aecd34c9d) C:\WINDOWS\system32\Drivers\IDSFLT.SYS 11:17:11.0921 3668 IDSFLT - ok 11:17:11.0968 3668 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 11:17:11.0984 3668 Imapi - ok 11:17:12.0046 3668 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys 11:17:12.0046 3668 ini910u - ok 11:17:12.0093 3668 IntelIde (72c63ad984d427d34bd5b9db838d88eb) C:\WINDOWS\system32\DRIVERS\intelide.sys 11:17:12.0093 3668 IntelIde - ok 11:17:12.0140 3668 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 11:17:12.0140 3668 Ip6Fw - ok 11:17:12.0171 3668 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 11:17:12.0171 3668 IpFilterDriver - ok 11:17:12.0281 3668 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 11:17:12.0281 3668 IpInIp - ok 11:17:12.0359 3668 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 11:17:12.0359 3668 IpNat - ok 11:17:12.0406 3668 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 11:17:12.0406 3668 IPSec - ok 11:17:12.0437 3668 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 11:17:12.0453 3668 IRENUM - ok 11:17:12.0484 3668 isapnp (0b78e1a31340e1fb1e389d5633f7c3a0) C:\WINDOWS\system32\DRIVERS\isapnp.sys 11:17:12.0500 3668 isapnp - ok 11:17:12.0531 3668 Kbdclass (380397621e94b32c744e7b2cc1330390) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 11:17:12.0531 3668 Kbdclass - ok 11:17:12.0562 3668 kbdhid (b833b70fe639f01fb36cedabe57ef031) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 11:17:12.0562 3668 kbdhid - ok 11:17:12.0593 3668 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 11:17:12.0609 3668 kmixer - ok 11:17:12.0703 3668 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 11:17:12.0703 3668 KSecDD - ok 11:17:12.0734 3668 lbrtfdc - ok 11:17:12.0828 3668 mdmxsdk (74f4372af97a587ecec527ec34955712) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 11:17:12.0828 3668 mdmxsdk - ok 11:17:12.0937 3668 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys 11:17:12.0937 3668 MHNDRV - ok 11:17:13.0250 3668 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 11:17:13.0265 3668 mnmdd - ok 11:17:13.0500 3668 Modem (8114eeac353f549331ab73e9af4219ed) C:\WINDOWS\system32\drivers\Modem.sys 11:17:13.0500 3668 Modem - ok 11:17:13.0640 3668 Mouclass (1a4e2214dd63e4a876463d3427ee8261) C:\WINDOWS\system32\DRIVERS\mouclass.sys 11:17:13.0656 3668 Mouclass - ok 11:17:13.0781 3668 mouhid (18017899254e01371e1a39754d6bf98c) C:\WINDOWS\system32\DRIVERS\mouhid.sys 11:17:13.0781 3668 mouhid - ok 11:17:13.0828 3668 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 11:17:13.0828 3668 MountMgr - ok 11:17:13.0875 3668 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys 11:17:13.0890 3668 MPE - ok 11:17:13.0921 3668 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys 11:17:13.0937 3668 mraid35x - ok 11:17:13.0953 3668 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 11:17:13.0968 3668 MRxDAV - ok 11:17:14.0062 3668 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 11:17:14.0062 3668 MRxSmb - ok 11:17:14.0312 3668 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 11:17:14.0312 3668 Msfs - ok 11:17:14.0406 3668 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 11:17:14.0406 3668 MSKSSRV - ok 11:17:14.0609 3668 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 11:17:14.0625 3668 MSPCLOCK - ok 11:17:14.0734 3668 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 11:17:14.0734 3668 MSPQM - ok 11:17:14.0906 3668 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 11:17:14.0906 3668 mssmbios - ok 11:17:15.0031 3668 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 11:17:15.0046 3668 MSTEE - ok 11:17:15.0187 3668 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 11:17:15.0187 3668 Mup - ok 11:17:15.0250 3668 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 11:17:15.0250 3668 NABTSFEC - ok 11:17:15.0437 3668 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 11:17:15.0687 3668 NDIS - ok 11:17:16.0171 3668 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 11:17:16.0171 3668 NdisIP - ok 11:17:16.0234 3668 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 11:17:16.0234 3668 NdisTapi - ok 11:17:16.0296 3668 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 11:17:16.0296 3668 Ndisuio - ok 11:17:16.0359 3668 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 11:17:16.0375 3668 NdisWan - ok 11:17:16.0421 3668 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 11:17:16.0437 3668 NDProxy - ok 11:17:16.0578 3668 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 11:17:16.0578 3668 NetBIOS - ok 11:17:16.0671 3668 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 11:17:16.0671 3668 NetBT - ok 11:17:16.0781 3668 NETFLTDI (d8f44fc13db193c9379297973ee42272) C:\WINDOWS\system32\Drivers\NETFLTDI.SYS 11:17:16.0781 3668 NETFLTDI - ok 11:17:16.0843 3668 NETIMFLT01060044 (9dee136c4863d5065437d07262bb5c40) C:\WINDOWS\system32\DRIVERS\neti1644.sys 11:17:16.0843 3668 NETIMFLT01060044 - ok 11:17:16.0906 3668 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 11:17:16.0906 3668 NIC1394 - ok 11:17:16.0953 3668 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 11:17:16.0968 3668 Npfs - ok 11:17:17.0031 3668 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 11:17:17.0046 3668 Ntfs - ok 11:17:17.0140 3668 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 11:17:17.0140 3668 Null - ok 11:17:17.0375 3668 nv (59e5d945934ec2e7eaa22af81813dabf) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 11:17:17.0437 3668 nv - ok 11:17:17.0546 3668 nvata (3ac5eedd35b7437d53960f3998bfa462) C:\WINDOWS\system32\DRIVERS\nvata.sys 11:17:17.0546 3668 nvata - ok 11:17:17.0593 3668 NVENETFD (22eedb34c4d7613a25b10c347c6c4c21) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys 11:17:17.0593 3668 NVENETFD - ok 11:17:17.0640 3668 nvnetbus (5e3f6ad5cad0f12d3cccd06fd964087a) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys 11:17:17.0640 3668 nvnetbus - ok 11:17:17.0750 3668 nvsmu (e0f76fab86fec98778047d0c7c39cbb9) C:\WINDOWS\system32\DRIVERS\nvsmu.sys 11:17:17.0750 3668 nvsmu - ok 11:17:17.0906 3668 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 11:17:17.0906 3668 NwlnkFlt - ok 11:17:18.0046 3668 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 11:17:18.0046 3668 NwlnkFwd - ok 11:17:18.0187 3668 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 11:17:18.0187 3668 ohci1394 - ok 11:17:18.0281 3668 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) C:\WINDOWS\system32\drivers\Parport.sys 11:17:18.0281 3668 Parport - ok 11:17:18.0312 3668 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 11:17:18.0312 3668 PartMgr - ok 11:17:18.0375 3668 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys 11:17:18.0375 3668 ParVdm - ok 11:17:18.0515 3668 pavboot (55d654258a9c509b671310c314bd30b4) C:\WINDOWS\system32\Drivers\pavboot.sys 11:17:18.0515 3668 pavboot - ok 11:17:18.0578 3668 PavProc (a110035fdc4b8f8f0cd5e71d031274e1) C:\WINDOWS\system32\DRIVERS\PavProc.sys 11:17:18.0578 3668 PavProc - ok 11:17:18.0609 3668 PavSRK.sys - ok 11:17:18.0656 3668 PavTPK.sys - ok 11:17:18.0703 3668 PCI (3b166f9f753c21aedaa9a6bd76b49655) C:\WINDOWS\system32\DRIVERS\pci.sys 11:17:18.0703 3668 PCI - ok 11:17:18.0734 3668 PCIDump - ok 11:17:18.0796 3668 PCIIde (b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\DRIVERS\pciide.sys 11:17:18.0796 3668 PCIIde - ok 11:17:18.0843 3668 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\DRIVERS\pcmcia.sys 11:17:18.0843 3668 Pcmcia - ok 11:17:18.0875 3668 PDCOMP - ok 11:17:18.0906 3668 PDFRAME - ok 11:17:18.0937 3668 PDRELI - ok 11:17:18.0968 3668 PDRFRAME - ok 11:17:19.0015 3668 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys 11:17:19.0015 3668 perc2 - ok 11:17:19.0125 3668 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys 11:17:19.0125 3668 perc2hib - ok 11:17:19.0234 3668 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 11:17:19.0234 3668 PptpMiniport - ok 11:17:19.0265 3668 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 11:17:19.0265 3668 PSched - ok 11:17:19.0312 3668 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 11:17:19.0312 3668 Ptilink - ok 11:17:19.0343 3668 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys 11:17:19.0343 3668 PxHelp20 - ok 11:17:19.0390 3668 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys 11:17:19.0390 3668 ql1080 - ok 11:17:19.0437 3668 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys 11:17:19.0437 3668 Ql10wnt - ok 11:17:19.0484 3668 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys 11:17:19.0484 3668 ql12160 - ok 11:17:19.0515 3668 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys 11:17:19.0515 3668 ql1240 - ok 11:17:19.0562 3668 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys 11:17:19.0562 3668 ql1280 - ok 11:17:19.0593 3668 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 11:17:19.0609 3668 RasAcd - ok 11:17:19.0906 3668 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 11:17:19.0906 3668 Rasl2tp - ok 11:17:19.0937 3668 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 11:17:19.0953 3668 RasPppoe - ok 11:17:20.0046 3668 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 11:17:20.0046 3668 Raspti - ok 11:17:20.0140 3668 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 11:17:20.0156 3668 Rdbss - ok 11:17:20.0187 3668 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 11:17:20.0187 3668 RDPCDD - ok 11:17:20.0265 3668 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 11:17:20.0281 3668 rdpdr - ok 11:17:20.0359 3668 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys 11:17:20.0359 3668 RDPWD - ok 11:17:20.0437 3668 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys 11:17:20.0437 3668 redbook - ok 11:17:20.0562 3668 Revoflt (8b5b8a11306190c6963d3473f052d3c8) C:\WINDOWS\system32\DRIVERS\revoflt.sys 11:17:20.0562 3668 Revoflt - ok 11:17:20.0625 3668 rimmptsk (7a6648b61661b1421ffab762e391e33f) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys 11:17:20.0640 3668 rimmptsk - ok 11:17:20.0656 3668 rimsptsk (8f7012d1b6a71ee9c23ce93dcdbf9f4b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys 11:17:20.0656 3668 rimsptsk - ok 11:17:20.0718 3668 rismxdp (3ac17802740c3a4764dc9750e92e6233) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys 11:17:20.0718 3668 rismxdp - ok 11:17:20.0812 3668 RTL2832UBDA (afddcf65cc3245e477f31f180d75bc9e) C:\WINDOWS\system32\drivers\RTL2832UBDA.sys 11:17:20.0828 3668 RTL2832UBDA - ok 11:17:20.0875 3668 RTL2832UUSB (6adb7b70b4169e9845d5e70f5abeb997) C:\WINDOWS\system32\Drivers\RTL2832UUSB.sys 11:17:20.0875 3668 RTL2832UUSB - ok 11:17:20.0921 3668 RTL2832U_IRHID (d4489365be6e27f4bab4524aba5e4278) C:\WINDOWS\system32\DRIVERS\RTL2832U_IRHID.sys 11:17:20.0921 3668 RTL2832U_IRHID - ok 11:17:21.0031 3668 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS 11:17:21.0031 3668 rtl8139 - ok 11:17:21.0125 3668 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys 11:17:21.0125 3668 sdbus - ok 11:17:21.0171 3668 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 11:17:21.0171 3668 Secdrv - ok 11:17:21.0234 3668 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\drivers\Serial.sys 11:17:21.0234 3668 Serial - ok 11:17:21.0312 3668 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys 11:17:21.0312 3668 sffdisk - ok 11:17:21.0359 3668 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys 11:17:21.0359 3668 sffp_sd - ok 11:17:21.0437 3668 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 11:17:21.0437 3668 Sfloppy - ok 11:17:21.0515 3668 ShldDrv (32d6f7632234f0354c79e915ca4613d4) C:\WINDOWS\system32\DRIVERS\ShlDrv51.sys 11:17:21.0515 3668 ShldDrv - ok 11:17:21.0625 3668 Simbad - ok 11:17:21.0671 3668 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys 11:17:21.0671 3668 sisagp - ok 11:17:21.0734 3668 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 11:17:21.0734 3668 SLIP - ok 11:17:21.0796 3668 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys 11:17:21.0796 3668 Sparrow - ok 11:17:21.0859 3668 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 11:17:21.0859 3668 splitter - ok 11:17:21.0921 3668 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys 11:17:21.0921 3668 sr - ok 11:17:22.0031 3668 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 11:17:22.0046 3668 Srv - ok 11:17:22.0125 3668 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 11:17:22.0125 3668 streamip - ok 11:17:22.0156 3668 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 11:17:22.0156 3668 swenum - ok 11:17:22.0187 3668 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 11:17:22.0187 3668 swmidi - ok 11:17:22.0265 3668 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys 11:17:22.0265 3668 symc810 - ok 11:17:22.0328 3668 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys 11:17:22.0328 3668 symc8xx - ok 11:17:22.0359 3668 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys 11:17:22.0375 3668 sym_hi - ok 11:17:22.0437 3668 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys 11:17:22.0437 3668 sym_u3 - ok 11:17:22.0500 3668 SynTP (60cb9f7c95791fe56a6e86868f4467ba) C:\WINDOWS\system32\DRIVERS\SynTP.sys 11:17:22.0515 3668 SynTP - ok 11:17:22.0562 3668 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 11:17:22.0562 3668 sysaudio - ok 11:17:22.0656 3668 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 11:17:22.0671 3668 Tcpip - ok 11:17:22.0750 3668 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 11:17:22.0750 3668 TDPIPE - ok 11:17:22.0812 3668 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 11:17:22.0812 3668 TDTCP - ok 11:17:22.0859 3668 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 11:17:22.0859 3668 TermDD - ok 11:17:22.0937 3668 TosIde (5bc2144ab4f6090f12e49e9648b5a702) C:\WINDOWS\system32\DRIVERS\toside.sys 11:17:22.0937 3668 TosIde - ok 11:17:23.0015 3668 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 11:17:23.0015 3668 Udfs - ok 11:17:23.0046 3668 UIUSys - ok 11:17:23.0078 3668 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys 11:17:23.0078 3668 ultra - ok 11:17:23.0156 3668 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 11:17:23.0156 3668 Update - ok 11:17:23.0250 3668 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 11:17:23.0250 3668 usbccgp - ok 11:17:23.0328 3668 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 11:17:23.0328 3668 usbehci - ok 11:17:23.0390 3668 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 11:17:23.0406 3668 usbhub - ok 11:17:23.0437 3668 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys 11:17:23.0437 3668 usbohci - ok 11:17:23.0484 3668 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 11:17:23.0484 3668 usbprint - ok 11:17:23.0562 3668 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 11:17:23.0562 3668 USBSTOR - ok 11:17:23.0625 3668 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 11:17:23.0625 3668 usbuhci - ok 11:17:23.0703 3668 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 11:17:23.0703 3668 VgaSave - ok 11:17:23.0750 3668 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys 11:17:23.0750 3668 viaagp - ok 11:17:23.0796 3668 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys 11:17:23.0812 3668 ViaIde - ok 11:17:23.0828 3668 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys 11:17:23.0843 3668 VolSnap - ok 11:17:23.0906 3668 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 11:17:23.0906 3668 Wanarp - ok 11:17:23.0953 3668 wceusbsh (849f89b23ff0841c9fe7939362f14348) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys 11:17:23.0953 3668 wceusbsh - ok 11:17:24.0000 3668 WDICA - ok 11:17:24.0046 3668 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 11:17:24.0062 3668 wdmaud - ok 11:17:24.0171 3668 winachsf (7fe372b1ab60736cc67e8eb6f1fb1f5b) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 11:17:24.0187 3668 winachsf - ok 11:17:24.0312 3668 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 11:17:24.0328 3668 WmiAcpi - ok 11:17:24.0390 3668 WNMFLT (0411d0433e8c48ad24b2ef32d7c97ae0) C:\WINDOWS\system32\Drivers\WNMFLT.SYS 11:17:24.0406 3668 WNMFLT - ok 11:17:24.0468 3668 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 11:17:24.0468 3668 WS2IFSL - ok 11:17:24.0562 3668 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 11:17:24.0562 3668 WSTCODEC - ok 11:17:24.0625 3668 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 11:17:24.0625 3668 WudfPf - ok 11:17:24.0671 3668 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 11:17:24.0671 3668 WudfRd - ok 11:17:24.0765 3668 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0 11:17:24.0843 3668 \Device\Harddisk0\DR0 - ok 11:17:24.0843 3668 Boot (0x1200) (d59887d8e38db793151a92526293045c) \Device\Harddisk0\DR0\Partition0 11:17:24.0859 3668 \Device\Harddisk0\DR0\Partition0 - ok 11:17:24.0890 3668 Boot (0x1200) (f0c27e94bd0b4bb26acc48acec63acc5) \Device\Harddisk0\DR0\Partition1 11:17:24.0890 3668 \Device\Harddisk0\DR0\Partition1 - ok 11:17:24.0890 3668 ============================================================ 11:17:24.0890 3668 Scan finished 11:17:24.0890 3668 ============================================================ 11:17:24.0921 3548 Detected object count: 0 11:17:24.0921 3548 Actual detected object count: 0 en aswMBR log: aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software Run date: 2011-09-25 11:29:01 ----------------------------- 11:29:01.890 OS Version: Windows 5.1.2600 Service Pack 3 11:29:01.890 Number of processors: 2 586 0x4802 11:29:01.890 ComputerName: YOUR-D9E2434D81 UserName: user 11:29:02.671 Initialize success 11:29:11.843 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000008b 11:29:11.843 Disk 0 Vendor: Size: 0MB BusType: 0 11:29:11.875 Disk 0 MBR read successfully 11:29:11.875 Disk 0 MBR scan 11:29:11.875 Disk 0 Windows XP default MBR code 11:29:11.875 Disk 0 MBR hidden 11:29:11.953 Disk 0 scanning C:\WINDOWS\system32\drivers 11:29:20.812 Service scanning 11:29:22.718 Modules scanning 11:29:30.546 Disk 0 trace - called modules: 11:29:30.593 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvata.sys 11:29:30.593 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a70eab8] 11:29:30.593 3 CLASSPNP.SYS[f74f7fd7] -> nt!IofCallDriver -> \Device\0000008c[0x8a779f18] 11:29:30.609 5 ACPI.sys[f735d620] -> nt!IofCallDriver -> \Device\0000008b[0x8a7b1030] 11:29:30.609 Scan finished successfully 11:29:53.796 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\user\Mijn documenten\MBR.dat" 11:29:53.812 The log file has been saved successfully to "C:\Documents and Settings\user\Mijn documenten\aswMBR zondag.txt" 11:30:04.218 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\user\Bureaublad\MBR.dat" 11:30:04.250 The log file has been saved successfully to "C:\Documents and Settings\user\Bureaublad\aswMBR zondag.txt" Had het opgeslagen in MijnDocumenten, maar die reageert niet... Groetjes Holly
Link naar reactie
  • 0
De MBR van de HD is in ieder geval gezond! [b:6f31d4c68f][url=http://www.eset.com/onlinescan/]Doe de ESET online scan (Klik).[/url][/b:6f31d4c68f] [list:6f31d4c68f] [*:6f31d4c68f]Klik op de knop [b:6f31d4c68f]ESET Online Scanner[/b:6f31d4c68f] [*:6f31d4c68f]Zet een vinkje bij [b:6f31d4c68f]YES, I accept the Terms of Use[/b:6f31d4c68f] [*:6f31d4c68f]Klik op [b:6f31d4c68f]Start[/b:6f31d4c68f] [*:6f31d4c68f]Sta het ActiveX control toe om te installeren. [*:6f31d4c68f]Zet een vinkje bij de volgende opties: [list:6f31d4c68f][*:6f31d4c68f][b:6f31d4c68f]Remove found threats[/b:6f31d4c68f] [*:6f31d4c68f][b:6f31d4c68f]Scan archives[/b:6f31d4c68f][/list:u:6f31d4c68f] [*:6f31d4c68f]Klik vervolgens op [b:6f31d4c68f][color=#0000FF:6f31d4c68f]"Advanced Settings"[/color:6f31d4c68f][/b:6f31d4c68f] [list:6f31d4c68f][*:6f31d4c68f][b:6f31d4c68f]Scan for potentially unwanted applications[/b:6f31d4c68f] [*:6f31d4c68f][b:6f31d4c68f]Scan for potentially unsafe applications[/b:6f31d4c68f] [*:6f31d4c68f][b:6f31d4c68f]Enable Anti-Stealth technology [/b:6f31d4c68f][/list:u:6f31d4c68f] [*:6f31d4c68f]Klik op [b:6f31d4c68f]Start[/b:6f31d4c68f] [*:6f31d4c68f]De computer wordt nu gescand. Dit kan best lang duren, heb dus geduld. [*:6f31d4c68f]is de scan klaar, klik dan op [b:6f31d4c68f][color=#0000FF:6f31d4c68f]> List of found threats[/color:6f31d4c68f][/b:6f31d4c68f] [*:6f31d4c68f]Klik vervolgens op [color=#0000FF:6f31d4c68f][b:6f31d4c68f]> Export to text file....[/b:6f31d4c68f][/color:6f31d4c68f] [*:6f31d4c68f]Als opslaglokatie Bureaublad en geef het kladblokbestand een duidelijke titel. [*:6f31d4c68f]Daarna mag jij het venster sluiten omdat de scan klaar is. [*:6f31d4c68f]Open vervolgens het log dat op je bureaublad staat. [*:6f31d4c68f]En kopieer en plak dan de inhoud van dit log in je volgende bericht.[/list:u:6f31d4c68f] N.B.: deaktiveer tijdelijk je eigen antivirus tijdens de scan, dan is de onlinescan sneller!
Link naar reactie
  • 0
Op dit moment niet hoor. We gaan nu voor het volgende: [b:39659d88da]Download [url=http://eric71.geekstogo.com/tools/LopSD.exe]LopSD[/url] of [url=http://eric.71.mespages.googlepages.com/LopSD.exe]LOPSD[/url] naar je Bureaublad.[/b:39659d88da] [list:39659d88da][*:39659d88da] [b:39659d88da]De-activeer bij dit tooltje je antispyware en virusscanner.[/b:39659d88da] [list:39659d88da][*:39659d88da][b:39659d88da]Vista- en Windows 7 gebruikers: rechtsklik op LopSD en kies voor "Als Administrator uitvoeren"![/list:u:39659d88da] [*:39659d88da] Kies Optie N en Enter [*:39659d88da] Klik OK bij het informatie venter [*:39659d88da] Kies Optie 2 en Enter [*:39659d88da] Aan het eind verschijnt een log ( LopR.txt ) plaats de inhoud ervan in je volgende antwoord[/b:39659d88da][/list:u:39659d88da]
Link naar reactie
  • 0
Hallo Abraham54, hier het log: --------------------\\ Lop S&D 4.2.5-0 XP/Vista Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-50 ) BIOS : PhoenixBIOS 4.0 Release 6.1 USER : user ( Administrator ) BOOT : Normal boot Antivirus : Panda Global Protection 2012 5.00.00 (Not Activated) Firewall : Panda Personal Firewall 2012 5.00.00 (Not Activated) C:\ (Local Disk) - NTFS - Total:102 Go (Free:29 Go) D:\ (Local Disk) - FAT32 - Total:8 Go (Free:1 Go) E:\ (CD or DVD) "C:\Lop SD" ( MAJ : 19-12-2008|23:40 ) Option : [2] ( zo 25-09-2011|18:22 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Beschrijving van mappen in APPLIC~1 [28-02-2007|12:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities [28-02-2007|12:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia [28-02-2007|12:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [0|bestand(en)] C:\DOCUME~1\ADMINI~1\APPLIC~1\bytes [5|map(pen)] C:\DOCUME~1\ADMINI~1\APPLIC~1\bytes beschikbaar [20-06-2011|11:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [08-05-2011|00:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [08-05-2011|00:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [25-01-2011|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ArcSoft [19-08-2009|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus [26-11-2010|18:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Backup [22-11-2010|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ [01-01-2009|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [11-05-2011|15:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fighters [28-02-2007|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [28-02-2007|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [02-05-2011|21:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [13-08-2011|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee [22-11-2010|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [28-02-2007|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles [03-09-2011|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Panda Security [09-06-2010|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Panda Software [12-05-2011|12:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Tools [22-11-2010|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [28-02-2007|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic [08-03-2007|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [12-05-2011|12:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [08-03-2007|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [0|bestand(en)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes [25|map(pen)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes beschikbaar [28-02-2007|12:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [28-02-2007|12:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia [28-02-2007|12:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [0|bestand(en)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes [5|map(pen)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes beschikbaar [24-06-2010|20:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\DivX [28-02-2007|12:10] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [0|bestand(en)] C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes [4|map(pen)] C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes beschikbaar [09-11-2008|02:22] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [0|bestand(en)] C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes [3|map(pen)] C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes beschikbaar [07-05-2011|20:28] C:\DOCUME~1\user\APPLIC~1\Adobe [02-05-2011|21:07] C:\DOCUME~1\user\APPLIC~1\Akfood [18-09-2009|18:26] C:\DOCUME~1\user\APPLIC~1\Antispyware [08-07-2009|23:44] C:\DOCUME~1\user\APPLIC~1\Apple Computer [24-06-2010|21:03] C:\DOCUME~1\user\APPLIC~1\ArcSoft [04-05-2011|20:59] C:\DOCUME~1\user\APPLIC~1\Auslogics [25-09-2011|18:19] C:\DOCUME~1\user\APPLIC~1\Azureus [31-08-2011|01:09] C:\DOCUME~1\user\APPLIC~1\Belastingdienst [25-03-2007|18:02] C:\DOCUME~1\user\APPLIC~1\CyberLink [16-12-2007|23:44] C:\DOCUME~1\user\APPLIC~1\Help [05-04-2008|01:53] C:\DOCUME~1\user\APPLIC~1\HP [11-09-2011|22:32] C:\DOCUME~1\user\APPLIC~1\HpUpdate [28-02-2007|12:10] C:\DOCUME~1\user\APPLIC~1\Identities [24-06-2010|20:46] C:\DOCUME~1\user\APPLIC~1\InstallShield [11-03-2007|17:25] C:\DOCUME~1\user\APPLIC~1\Leadertech [28-02-2007|12:10] C:\DOCUME~1\user\APPLIC~1\Macromedia [02-05-2011|21:29] C:\DOCUME~1\user\APPLIC~1\Malwarebytes [14-06-2011|00:29] C:\DOCUME~1\user\APPLIC~1\Media Player Classic [07-05-2011|20:28] C:\DOCUME~1\user\APPLIC~1\Microsoft [05-05-2011|14:38] C:\DOCUME~1\user\APPLIC~1\Mozilla [02-05-2011|21:51] C:\DOCUME~1\user\APPLIC~1\Omde [03-09-2011|11:29] C:\DOCUME~1\user\APPLIC~1\Panda Security [18-12-2010|15:20] C:\DOCUME~1\user\APPLIC~1\Raptr [11-05-2011|22:25] C:\DOCUME~1\user\APPLIC~1\Similarity [25-09-2011|09:20] C:\DOCUME~1\user\APPLIC~1\Skype [15-07-2010|12:06] C:\DOCUME~1\user\APPLIC~1\skypePM [11-03-2007|17:25] C:\DOCUME~1\user\APPLIC~1\Sonic [25-03-2008|01:04] C:\DOCUME~1\user\APPLIC~1\Sun [08-03-2007|19:52] C:\DOCUME~1\user\APPLIC~1\Template [26-05-2011|12:09] C:\DOCUME~1\user\APPLIC~1\Uniblue [09-06-2011|12:50] C:\DOCUME~1\user\APPLIC~1\vlc [0|bestand(en)] C:\DOCUME~1\user\APPLIC~1\bytes [33|map(pen)] C:\DOCUME~1\user\APPLIC~1\bytes beschikbaar --------------------\\ Geplande Taken gelocaliseerd in C:\WINDOWS\Tasks [18-09-2011 00:02][--a------] C:\WINDOWS\tasks\Basis-opruiming.job [20-09-2011 13:37][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [25-09-2011 18:23][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [25-09-2011 13:23][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [25-09-2011 09:16][--ah-----] C:\WINDOWS\tasks\SA.DAT [11-04-2006 13:00][-rah-c---] C:\WINDOWS\tasks\desktop.ini --------------------\\ Beschrijving van mappen in C:\Program Files [24-09-2011|09:40] C:\Program Files\Adobe [08-05-2011|00:10] C:\Program Files\Apple Software Update [24-06-2010|21:00] C:\Program Files\ArcSoft [04-05-2011|20:59] C:\Program Files\Auslogics [21-09-2010|17:53] C:\Program Files\Belastingdienst [25-09-2011|13:57] C:\Program Files\Ccleaner [25-05-2011|22:58] C:\Program Files\CDBurnerXP [24-09-2011|23:25] C:\Program Files\Common Files [28-02-2007|12:10] C:\Program Files\ComPlus Applications [28-02-2007|12:10] C:\Program Files\CONEXANT [09-05-2011|10:17] C:\Program Files\Dotnetfx Cleanup trouble Sp1 en Sp2 [09-01-2010|15:46] C:\Program Files\Download-DU [28-07-2008|15:18] C:\Program Files\Encore [26-05-2011|21:52] C:\Program Files\ESET [29-11-2008|22:33] C:\Program Files\Frontura [24-09-2011|09:50] C:\Program Files\Google [05-05-2011|12:22] C:\Program Files\Hewlett-Packard [02-05-2011|22:07] C:\Program Files\HJT [07-09-2009|00:14] C:\Program Files\HP [28-02-2007|04:36] C:\Program Files\HPQ [27-11-2010|05:58] C:\Program Files\IEAK [06-06-2011|17:22] C:\Program Files\InstallShield Installation Information [11-08-2011|03:01] C:\Program Files\Internet Explorer [23-06-2011|22:38] C:\Program Files\Java [17-01-2010|16:09] C:\Program Files\K-Lite Codec Pack [25-01-2009|21:34] C:\Program Files\LGGSM [08-05-2011|13:29] C:\Program Files\MBAM Malwarebytes' Anti-Malware [09-10-2008|16:55] C:\Program Files\Messenger [26-08-2007|23:20] C:\Program Files\Microsoft ActiveSync [10-01-2010|21:13] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [28-02-2007|12:11] C:\Program Files\microsoft frontpage [26-05-2011|10:15] C:\Program Files\Microsoft Office [17-06-2011|16:55] C:\Program Files\Microsoft Silverlight [27-11-2010|05:51] C:\Program Files\Microsoft SQL Server [11-05-2011|13:24] C:\Program Files\microsoft technet dot com proc expl [28-02-2007|12:11] C:\Program Files\Microsoft Works [24-07-2010|00:58] C:\Program Files\Microsoft.NET [12-08-2010|03:09] C:\Program Files\Movie Maker [24-09-2011|09:50] C:\Program Files\Mozilla Firefox [28-05-2011|10:28] C:\Program Files\MSBuild [05-06-2009|08:47] C:\Program Files\MSECache [28-02-2007|12:11] C:\Program Files\MSN Gaming Zone [30-03-2007|18:12] C:\Program Files\MSXML 4.0 [09-10-2008|16:49] C:\Program Files\NetMeeting [28-02-2007|12:11] C:\Program Files\NetWaiting [04-05-2011|22:15] C:\Program Files\NT Registry Optimizer [13-09-2011|20:23] C:\Program Files\O en O defrag [28-02-2007|12:11] C:\Program Files\Online Services [27-11-2010|05:58] C:\Program Files\ORKTools [16-12-2010|04:01] C:\Program Files\Outlook Express [06-05-2011|19:08] C:\Program Files\panda GP11 phjm punt NL [04-06-2011|12:10] C:\Program Files\Panda GP12 phjm dot com [03-09-2011|11:30] C:\Program Files\Panda Security [07-03-2011|22:46] C:\Program Files\Panda Security Notebook [08-05-2011|00:12] C:\Program Files\QuickTime [24-06-2010|20:47] C:\Program Files\Realtek [09-05-2011|10:46] C:\Program Files\Reference Assemblies [11-05-2011|20:35] C:\Program Files\Similarity [15-07-2010|12:08] C:\Program Files\skype [28-02-2007|12:11] C:\Program Files\Sonic [10-06-2011|02:03] C:\Program Files\SopCast [28-02-2007|12:11] C:\Program Files\Synaptics [02-05-2011|22:08] C:\Program Files\Trend Micro [27-11-2010|05:52] C:\Program Files\Uninstall Information [22-08-2011|21:30] C:\Program Files\VideoLAN [05-05-2011|20:28] C:\Program Files\VS Revo Group [24-09-2011|01:24] C:\Program Files\Vuze [26-05-2011|11:22] C:\Program Files\WinDirStat [21-01-2009|21:41] C:\Program Files\Windows Media Connect 2 [21-01-2009|21:41] C:\Program Files\Windows Media Player [09-10-2008|16:49] C:\Program Files\Windows NT [28-02-2007|12:11] C:\Program Files\Windows Plus [28-02-2007|12:11] C:\Program Files\xerox [0|bestand(en)] C:\Program Files\bytes [75|map(pen)] C:\Program Files\bytes beschikbaar --------------------\\ Beschrijving van mappen in C:\Program Files\Common Files [20-06-2011|11:37] C:\Program Files\Common Files\Adobe [08-05-2011|00:11] C:\Program Files\Common Files\Apple [24-06-2010|21:01] C:\Program Files\Common Files\ArcSoft [26-08-2007|23:19] C:\Program Files\Common Files\Designer [28-02-2007|12:10] C:\Program Files\Common Files\HP [09-01-2010|17:01] C:\Program Files\Common Files\InstallShield [28-02-2007|12:10] C:\Program Files\Common Files\LightScribe [26-05-2011|10:15] C:\Program Files\Common Files\Microsoft Shared [28-02-2007|12:10] C:\Program Files\Common Files\MSSoap [28-02-2007|12:10] C:\Program Files\Common Files\ODBC [03-09-2011|11:29] C:\Program Files\Common Files\Panda Security [28-02-2007|12:10] C:\Program Files\Common Files\Services [15-07-2010|12:07] C:\Program Files\Common Files\Skype [28-02-2007|12:10] C:\Program Files\Common Files\Sonic Shared [28-02-2007|12:10] C:\Program Files\Common Files\SpeechEngines [28-02-2007|12:10] C:\Program Files\Common Files\SureThing Shared [08-03-2007|19:57] C:\Program Files\Common Files\Symantec Shared [27-11-2010|05:44] C:\Program Files\Common Files\System [28-02-2007|12:10] C:\Program Files\Common Files\TiVo Shared [0|bestand(en)] C:\Program Files\Common Files\bytes [21|map(pen)] C:\Program Files\Common Files\bytes beschikbaar --------------------\\ Process ( 61 Processes ) ... OK ! --------------------\\ Zoeken met S_Lop Geen Lop mappen gevonden ! --------------------\\ Zoeken naar Lop Bestanden - Mappen Geen Lop mappen gevonden ! --------------------\\ Zoeken doorheen het Register ..... OK ! --------------------\\ Nazicht van het Hosts bestand Hosts bestand IN ORDE --------------------\\ Zoeken naar verborgen bestanden met Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-09-25 18:25:16 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------\\ Zoeken naar andere infecties --------------------\\ Cracks & Keygens .. C:\DOCUME~1\user\Mijn documenten\Azureus Downloads\0001 new\0003 muziek\Mega Dance Top 100 Summer 2011\045_the_freestylers_ft_belle_humble_-_cracks_firebeatz_remix.mp3 [F:12][D:16]-> C:\DOCUME~1\user\LOCALS~1\Temp [F:2][D:0]-> C:\DOCUME~1\user\Cookies [F:9][D:2]-> C:\DOCUME~1\user\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - zo 25-09-2011|18:26 - Option : [2] --------------------\\ Scan voltooid om 18:26:30 Groetjes Holly ps in de task manager gaat IE tekeer, maar ik gebruik MozillaFirefox...? en die gekke Adobe probeert nog steeds telkens weer te installeren :( Misschien is het extra informatie.
Link naar reactie
  • 0
Het log geeft aan dat [b:131398f8ad]Antivirus : Panda Global Protection 2012 5.00.00 (Not Activated) Firewall : Panda Personal Firewall 2012 5.00.00 (Not Activated)[/b:131398f8ad] De hoofdbeveiliging is! Ik vind namelijk ook nog: - McAfee - PC Tools (= Firewall) - Symantec Ik vermoed dat een en ander ComboFix goed in de weg zit! En gebruik jij de Uniblue registeropschoner? Wel Adobe programma wil installeren?
Link naar reactie
  • 0
hallo Abraham54, Bij het laatste tool LopSD gaf u aan de antivirus enzo even te deaktiveren, dat heb ik gedaan. Maar direct na de scan en het gesave-de log heb ik die weer aangezet hoor. Niet zo prettig zonder bescherming&beveiliging op internet. Die was alleen op instructie tijdens de scan gedeactiveerd. Uniblue, heb ik ooit naar gekeken, maar niet gebruikt, leek me iets te drastisch! Na wat googlen begreep ik dat dat programma te veel zou weghalen, te veel wat je lief zou zijn, dus heb ik het (dacht ik) gedelete, maar er zijn dus resten? :o McAfee heb ik niet, maar die zou bijna bij een download van Adobe erbij komen, maar die had ik uitgevinkt... Symantec weet ik niet wat dat is, evenmin PC Tools. Geen idee eerlijk gezegd. Dat zijn dus ook iets van antivirussen? Zijn die stiekem met downloads dan meegekomen misschien? Zover ik weet heb ik Global Panda 2012 en de automatische updates van Windows. Hoe krijg ik mijn pc schoon van deze en waar vind ik die? De laatste zin in uw bericht begrijp ik niet goed. Maar wat betreft Adobe: die wil zichzelf telkens installeren. Het icoontje was van Adobe, ik kwam op de site, heb het al 3x handmatig geinstalleerd maar het blijft onregelmatig tevoorschijn komen en dan wil het zich installeren, dan verschijnt een pop-up dat de installatie mislukt is...? En de Explorer explodeert soms bijna, die neemt dan tussen 50 en 95 CPU in beslag. Dank, groetjes Holly
Link naar reactie
  • 0
Hallo Abraham54, het is gelukt! De pc protesteerde wel nogal en nu nog, maar ik heb het log. In de Save Modus lukte het wel. Het Combofix log: ComboFix 11-09-26.01 - user 26-09-2011 10:09:59.6.2 - x86 MINIMAL Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1983.1576 [GMT 2:00] Gestart vanuit: c:\documents and settings\user\Bureaublad\ComboFix.exe AV: Panda Global Protection 2012 *Disabled/Updated* {8BF935E7-731F-4115-B7A5-789FF5087595} FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E} FW: Panda Personal Firewall 2012 *Disabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\user\Local Settings\Application Data\ApplicationHistory c:\documents and settings\user\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini c:\documents and settings\user\Local Settings\Application Data\ApplicationHistory\hpqthb08.exe.a935d1e0.ini c:\program files\Internet Explorer\SET51.tmp c:\program files\Internet Explorer\SET55.tmp c:\program files\Internet Explorer\SET56.tmp . ---- Voorgaande Run ------- . c:\documents and settings\user\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini c:\documents and settings\user\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini.inuse c:\documents and settings\user\Local Settings\Application Data\ApplicationHistory\hpqthb08.exe.a935d1e0.ini C:\Thumbs.db . . (((((((((((((((((((( Bestanden Gemaakt van 2011-08-26 to 2011-09-26 )))))))))))))))))))))))))))))) . . 2011-09-26 07:50 . 2009-02-20 17:18 78336 ----a-w- c:\windows\system32\ieencode.dll 2011-09-26 07:50 . 2009-02-20 17:18 78336 ----a-w- c:\windows\system32\dllcache\ieencode.dll 2011-09-26 07:49 . 2011-09-26 07:49 -------- d-----w- c:\windows\LastGood 2011-09-25 19:51 . 2011-09-25 19:51 -------- d-----w- c:\program files\Google 2011-09-25 16:21 . 2011-09-25 16:26 -------- d-----w- C:\Lop SD 2011-09-23 23:34 . 2011-09-23 23:34 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\O&O 2011-09-23 23:26 . 2011-09-23 23:26 -------- d-----w- c:\documents and settings\user\.swt 2011-09-23 23:23 . 2011-09-23 23:35 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Conduit 2011-09-13 18:21 . 2011-09-13 18:23 -------- d-----w- c:\program files\O en O defrag 2011-09-03 10:17 . 2011-09-09 09:12 602624 ------w- c:\windows\system32\dllcache\crypt32.dll 2011-09-03 09:36 . 2011-09-26 07:45 13880 ----a-w- c:\windows\system32\drivers\COMFiltr.sys 2011-09-03 09:30 . 2011-09-25 16:28 254648 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT 2011-09-03 09:30 . 2010-09-09 14:23 193864 ----a-w- c:\windows\system32\drivers\idsflt.sys 2011-09-03 09:30 . 2009-09-25 12:54 46856 ----a-w- c:\windows\system32\drivers\wnmflt.sys 2011-09-03 09:30 . 2009-09-25 12:54 53256 ----a-w- c:\windows\system32\drivers\dsaflt.sys 2011-09-03 09:30 . 2011-01-31 14:41 83528 ----a-w- c:\windows\system32\drivers\APPFLT.SYS 2011-09-03 09:30 . 2009-09-25 12:54 159112 ----a-w- c:\windows\system32\drivers\NETFLTDI.SYS 2011-09-03 09:30 . 2009-09-25 12:54 22024 ----a-w- c:\windows\system32\drivers\fnetmon.sys 2011-09-03 09:30 . 2010-06-22 16:13 26696 ----a-w- c:\windows\system32\drivers\pavboot.sys 2011-09-03 09:30 . 2007-03-15 17:38 54832 ----a-w- c:\windows\system32\pavcpl.cpl 2011-08-29 11:51 . 2011-08-29 11:51 388096 ----a-r- c:\documents and settings\user\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-09-24 07:37 . 2011-06-02 14:14 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-09-09 09:12 . 2006-04-11 11:00 602624 ----a-w- c:\windows\system32\crypt32.dll 2011-08-31 15:00 . 2011-05-09 01:22 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-07-15 13:29 . 2005-01-19 19:26 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-07-08 14:02 . 2006-04-11 11:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys 2011-05-05 12:32 . 2011-05-05 12:32 12885904 ----a-w- c:\program files\Firefox Setup 4.0.1.exe 2011-09-06 22:36 . 2011-05-05 12:38 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-05-13 26192168] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-18 64512] "hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-04 458752] "High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-07-27 61952] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-04-01 761946] "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-07-11 102400] "Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-05-30 40960] "RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208] "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-20 7581696] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-20 86016] "nwiz"="nwiz.exe" [2006-07-20 1519616] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "APVXDWIN"="c:\program files\Panda Security\Panda Global Protection 2012\APVXDWIN.EXE" [2011-04-13 1000768] "SCANINICIO"="c:\program files\Panda Security\Panda Global Protection 2012\Inicio.exe" [2011-02-02 70464] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "IERESETATTRIB"="%SystemRoot%\system32\ieudinit.exe -ResetFileAttributes" [X] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ HP Photosmart Premier Snelstart.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-9-24 73728] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2000-8-6 69632] TMMonitor.lnk - c:\program files\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2010-6-24 258048] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr] 2010-03-24 10:55 55552 ----a-w- c:\windows\system32\avldr.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\SopCast\\adv\\SopAdver.exe"= "c:\\Program Files\\SopCast\\SopCast.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Vuze\\Azureus.exe"= . R2 PskSvcRetail;Panda PSK service;c:\program files\Panda Security\Panda Global Protection 2012\psksvc.exe [3-9-2011 11:30 28992] S0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [3-9-2011 11:30 26696] S1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [3-9-2011 11:30 83528] S1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [3-9-2011 11:30 53256] S1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [3-9-2011 11:30 22024] S1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [3-9-2011 11:30 193864] S1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [3-9-2011 11:30 159112] S1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [3-9-2011 11:29 37448] S1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [3-9-2011 11:30 46856] S2 AmFSM;AmFSM;c:\windows\system32\drivers\amm8651.sys [3-9-2011 11:29 59080] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [31-1-2010 23:36 135664] S2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [3-9-2011 11:29 163848] S3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?] S3 ComFiltr;Panda Anti-Dialer;c:\windows\system32\drivers\COMFiltr.sys [3-9-2011 11:36 13880] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [31-1-2010 23:36 135664] S3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;c:\windows\system32\drivers\neti1644.sys [3-9-2011 11:29 201032] S3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\PavSRK.sys --> c:\windows\system32\PavSRK.sys [?] S3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?] S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [5-5-2011 20:28 27064] S3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\drivers\RTL2832U_IRHID.sys [24-6-2010 20:47 41120] S3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [24-6-2010 20:47 74912] S3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\drivers\RTL2832UUSB.sys [24-6-2010 20:47 32288] . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - MDMXSDK . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . Inhoud van de 'Gedeelde Taken' map . 2011-09-20 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] . 2011-09-17 c:\windows\Tasks\Basis-opruiming.job - c:\program files\Panda Security\Panda Global Protection 2012\PlaTasks.exe [2011-09-03 12:23] . 2011-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 21:36] . 2011-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 21:36] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1205961512&rver=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855 uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\o2mvlgsk.default\ FF - prefs.js: browser.startup.homepage - hxxps://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1205961512&rver=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855 FF - prefs.js: network.proxy.type - 0 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-09-26 10:15 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????????<?@? ????f??????Y?@?????<?@ . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,48,ba,00,1a,94,08,65,46,ae,c3,0f,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,48,ba,00,1a,94,08,65,46,ae,c3,0f,\ . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(260) c:\windows\system32\avldr.dll . Voltooingstijd: 2011-09-26 10:16:52 ComboFix-quarantined-files.txt 2011-09-26 08:16 . Pre-Run: 38.848.012.288 bytes beschikbaar Post-Run: 38.838.358.016 bytes beschikbaar . - - End Of File - - 2BE893DDAB37CBF632FA207C40DAAAE4 Groetjes Holly
Link naar reactie
  • 0
Wederom in veilige modus doe je nu het volgende: open een nieuw kladblok bestand, via "Start\Alle programma’s\Bureau-accessoires\[b:d7f5ce7a3e]Kladblok[/b:d7f5ce7a3e]". Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het lege kladblokvenstervenster [b:d7f5ce7a3e][color=Blue:d7f5ce7a3e]File:: c:\windows\system32\PavSRK.sys c:\windows\system32\PavTPK.sys Folder:: C:\Program Files\Common Files\Symantec Shared[/color:d7f5ce7a3e][/b:d7f5ce7a3e] Sla dit kladblokbestand op je bureaublad op als [b:d7f5ce7a3e]CFScript.txt[/b:d7f5ce7a3e]. [b:d7f5ce7a3e][color=Red:d7f5ce7a3e]Nu eerst de antivirus deaktiveren![/color:d7f5ce7a3e][/b:d7f5ce7a3e] Sleep CFScript.txt in ComboFix.exe [img:d7f5ce7a3e]http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif[/img:d7f5ce7a3e] Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt. Post het Combofix log dat na het opnieuw starten wordt getoond!
Link naar reactie
  • 0
Hallo Abraham54, weer gelukt :D Het log van het CFSript in de Combofix: ComboFix 11-09-26.01 - user 26-09-2011 12:06:45.7.2 - x86 MINIMAL Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1983.1661 [GMT 2:00] Gestart vanuit: c:\documents and settings\user\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\user\Bureaublad\CFScript.txt AV: Panda Global Protection 2012 *Disabled/Updated* {8BF935E7-731F-4115-B7A5-789FF5087595} FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E} FW: Panda Personal Firewall 2012 *Disabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8} . FILE :: "c:\windows\system32\PavSRK.sys" "c:\windows\system32\PavTPK.sys" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\user\Local Settings\Application Data\ApplicationHistory c:\documents and settings\user\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini c:\documents and settings\user\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini.inuse c:\documents and settings\user\Local Settings\Application Data\ApplicationHistory\hpqthb08.exe.a935d1e0.ini c:\program files\Common Files\Symantec Shared c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2011-08-26 to 2011-09-26 )))))))))))))))))))))))))))))) . . 2011-09-26 07:50 . 2011-06-21 18:37 78336 ----a-w- c:\windows\system32\ieencode.dll 2011-09-26 07:50 . 2011-06-21 18:37 78336 ----a-w- c:\windows\system32\dllcache\ieencode.dll 2011-09-25 19:51 . 2011-09-25 19:51 -------- d-----w- c:\program files\Google 2011-09-25 16:21 . 2011-09-25 16:26 -------- d-----w- C:\Lop SD 2011-09-23 23:34 . 2011-09-23 23:34 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\O&O 2011-09-23 23:26 . 2011-09-23 23:26 -------- d-----w- c:\documents and settings\user\.swt 2011-09-23 23:23 . 2011-09-23 23:35 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Conduit 2011-09-13 18:21 . 2011-09-13 18:23 -------- d-----w- c:\program files\O en O defrag 2011-09-03 10:17 . 2011-09-09 09:12 602624 ------w- c:\windows\system32\dllcache\crypt32.dll 2011-09-03 09:36 . 2011-09-26 08:36 13880 ----a-w- c:\windows\system32\drivers\COMFiltr.sys 2011-09-03 09:30 . 2011-09-25 16:28 254648 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT 2011-09-03 09:30 . 2010-09-09 14:23 193864 ----a-w- c:\windows\system32\drivers\idsflt.sys 2011-09-03 09:30 . 2009-09-25 12:54 46856 ----a-w- c:\windows\system32\drivers\wnmflt.sys 2011-09-03 09:30 . 2009-09-25 12:54 53256 ----a-w- c:\windows\system32\drivers\dsaflt.sys 2011-09-03 09:30 . 2011-01-31 14:41 83528 ----a-w- c:\windows\system32\drivers\APPFLT.SYS 2011-09-03 09:30 . 2009-09-25 12:54 159112 ----a-w- c:\windows\system32\drivers\NETFLTDI.SYS 2011-09-03 09:30 . 2009-09-25 12:54 22024 ----a-w- c:\windows\system32\drivers\fnetmon.sys 2011-09-03 09:30 . 2010-06-22 16:13 26696 ----a-w- c:\windows\system32\drivers\pavboot.sys 2011-09-03 09:30 . 2007-03-15 17:38 54832 ----a-w- c:\windows\system32\pavcpl.cpl 2011-08-29 11:51 . 2011-08-29 11:51 388096 ----a-r- c:\documents and settings\user\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-09-24 07:37 . 2011-06-02 14:14 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-09-09 09:12 . 2006-04-11 11:00 602624 ----a-w- c:\windows\system32\crypt32.dll 2011-08-31 15:00 . 2011-05-09 01:22 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-07-15 13:29 . 2005-01-19 19:26 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-07-08 14:02 . 2006-04-11 11:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys 2011-05-05 12:32 . 2011-05-05 12:32 12885904 ----a-w- c:\program files\Firefox Setup 4.0.1.exe 2011-09-06 22:36 . 2011-05-05 12:38 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((( SnapShot@2011-09-26_08.15.20 ))))))))))))))))))))))))))))))))))))))))) . + 2005-07-03 17:17 . 2011-06-21 18:37 44544 c:\windows\system32\pngfilt.dll - 2005-07-03 17:17 . 2009-02-20 17:18 44544 c:\windows\system32\pngfilt.dll + 2006-11-07 20:03 . 2011-06-21 18:37 52224 c:\windows\system32\msfeedsbs.dll - 2006-11-07 20:03 . 2009-02-20 17:18 52224 c:\windows\system32\msfeedsbs.dll - 2006-04-11 11:00 . 2009-02-20 17:18 27648 c:\windows\system32\jsproxy.dll + 2006-04-11 11:00 . 2011-06-21 18:37 27648 c:\windows\system32\jsproxy.dll + 2006-04-11 11:00 . 2011-06-21 18:37 44544 c:\windows\system32\iernonce.dll - 2006-04-11 11:00 . 2009-02-20 17:18 44544 c:\windows\system32\iernonce.dll + 2006-04-11 11:00 . 2011-06-21 11:46 70656 c:\windows\system32\ie4uinit.exe - 2006-04-11 11:00 . 2009-02-20 10:20 70656 c:\windows\system32\ie4uinit.exe + 2006-10-17 10:58 . 2011-06-21 18:37 63488 c:\windows\system32\icardie.dll - 2006-10-17 10:58 . 2009-02-20 17:18 63488 c:\windows\system32\icardie.dll + 2006-10-17 10:58 . 2011-06-21 18:37 44544 c:\windows\system32\dllcache\pngfilt.dll - 2006-10-17 10:58 . 2009-02-20 17:18 44544 c:\windows\system32\dllcache\pngfilt.dll - 2007-06-07 20:46 . 2009-02-20 17:18 52224 c:\windows\system32\dllcache\msfeedsbs.dll + 2007-06-07 20:46 . 2011-06-21 18:37 52224 c:\windows\system32\dllcache\msfeedsbs.dll - 2006-04-11 11:00 . 2009-02-20 17:18 27648 c:\windows\system32\dllcache\jsproxy.dll + 2006-04-11 11:00 . 2011-06-21 18:37 27648 c:\windows\system32\dllcache\jsproxy.dll - 2007-06-07 20:46 . 2009-02-20 10:20 13824 c:\windows\system32\dllcache\ieudinit.exe + 2007-06-07 20:46 . 2011-06-21 11:46 13824 c:\windows\system32\dllcache\ieudinit.exe + 2006-04-11 11:00 . 2011-06-21 18:37 44544 c:\windows\system32\dllcache\iernonce.dll - 2006-04-11 11:00 . 2009-02-20 17:18 44544 c:\windows\system32\dllcache\iernonce.dll + 2006-11-07 02:26 . 2011-06-21 11:46 70656 c:\windows\system32\dllcache\ie4uinit.exe - 2006-11-07 02:26 . 2009-02-20 10:20 70656 c:\windows\system32\dllcache\ie4uinit.exe + 2007-12-07 02:18 . 2011-06-21 18:37 63488 c:\windows\system32\dllcache\icardie.dll - 2007-12-07 02:18 . 2009-02-20 17:18 63488 c:\windows\system32\dllcache\icardie.dll + 2006-04-11 11:00 . 2011-06-21 18:37 17408 c:\windows\system32\dllcache\corpol.dll + 2006-04-11 11:00 . 2011-06-21 18:37 17408 c:\windows\system32\corpol.dll + 2011-09-26 08:27 . 2009-02-20 17:18 44544 c:\windows\ie7updates\KB2559049-IE7\pngfilt.dll + 2011-09-26 08:27 . 2009-02-20 17:18 52224 c:\windows\ie7updates\KB2559049-IE7\msfeedsbs.dll + 2011-09-26 08:27 . 2009-02-20 17:18 27648 c:\windows\ie7updates\KB2559049-IE7\jsproxy.dll + 2011-09-26 08:27 . 2009-02-20 10:20 13824 c:\windows\ie7updates\KB2559049-IE7\ieudinit.exe + 2011-09-26 08:27 . 2009-02-20 17:18 44544 c:\windows\ie7updates\KB2559049-IE7\iernonce.dll + 2011-09-26 08:27 . 2009-02-20 17:18 78336 c:\windows\ie7updates\KB2559049-IE7\ieencode.dll + 2011-09-26 08:27 . 2009-02-20 10:20 70656 c:\windows\ie7updates\KB2559049-IE7\ie4uinit.exe + 2011-09-26 08:27 . 2009-02-20 17:18 63488 c:\windows\ie7updates\KB2559049-IE7\icardie.dll + 2011-09-26 08:27 . 2008-04-14 17:02 35328 c:\windows\ie7updates\KB2559049-IE7\corpol.dll + 2006-04-11 11:00 . 2011-06-21 18:37 832512 c:\windows\system32\wininet.dll - 2006-04-11 11:00 . 2009-02-20 17:18 233472 c:\windows\system32\webcheck.dll + 2006-04-11 11:00 . 2011-06-21 18:37 233472 c:\windows\system32\webcheck.dll + 2006-04-11 11:00 . 2011-03-04 06:44 434176 c:\windows\system32\vbscript.dll + 2006-04-11 11:00 . 2011-06-21 18:37 106496 c:\windows\system32\url.dll + 2006-04-11 11:00 . 2011-06-21 18:37 102912 c:\windows\system32\occache.dll - 2006-04-11 11:00 . 2009-02-20 17:18 102912 c:\windows\system32\occache.dll - 2006-04-11 11:00 . 2009-02-20 17:18 671232 c:\windows\system32\mstime.dll + 2006-04-11 11:00 . 2011-06-21 18:37 671232 c:\windows\system32\mstime.dll + 2005-07-03 17:17 . 2011-06-21 18:37 193024 c:\windows\system32\msrating.dll - 2005-07-03 17:17 . 2009-02-20 17:18 193024 c:\windows\system32\msrating.dll + 2005-07-03 17:17 . 2011-06-21 18:37 478720 c:\windows\system32\mshtmled.dll + 2006-11-07 20:03 . 2011-06-21 18:37 468480 c:\windows\system32\msfeeds.dll + 2006-04-11 11:00 . 2011-03-04 06:44 512000 c:\windows\system32\jscript.dll - 2006-04-11 11:00 . 2008-05-09 10:56 512000 c:\windows\system32\jscript.dll + 2006-10-17 10:57 . 2011-06-21 18:37 268288 c:\windows\system32\iertutil.dll - 2006-10-17 10:57 . 2009-02-20 17:18 268288 c:\windows\system32\iertutil.dll + 2006-01-25 17:56 . 2011-06-21 18:37 192512 c:\windows\system32\iepeers.dll + 2006-04-11 11:00 . 2011-06-21 18:37 384512 c:\windows\system32\iedkcs32.dll + 2006-10-17 10:27 . 2011-06-21 18:37 380928 c:\windows\system32\ieapfltr.dll + 2006-04-11 11:00 . 2011-06-20 11:27 161792 c:\windows\system32\ieakui.dll - 2006-04-11 11:00 . 2009-02-20 05:14 161792 c:\windows\system32\ieakui.dll + 2006-04-11 11:00 . 2011-06-21 18:37 230400 c:\windows\system32\ieaksie.dll - 2006-04-11 11:00 . 2009-02-20 17:18 230400 c:\windows\system32\ieaksie.dll + 2006-04-11 11:00 . 2011-06-21 18:37 153088 c:\windows\system32\ieakeng.dll - 2006-04-11 11:00 . 2009-02-20 17:18 153088 c:\windows\system32\ieakeng.dll + 2006-04-11 11:00 . 2011-06-21 18:37 133120 c:\windows\system32\extmgr.dll - 2006-04-11 11:00 . 2009-02-20 17:18 133120 c:\windows\system32\extmgr.dll + 2006-04-11 11:00 . 2011-06-21 18:37 214528 c:\windows\system32\dxtrans.dll - 2006-04-11 11:00 . 2009-02-20 17:18 214528 c:\windows\system32\dxtrans.dll + 2006-04-11 11:00 . 2011-06-21 18:37 347136 c:\windows\system32\dxtmsft.dll - 2006-04-11 11:00 . 2009-02-20 17:18 347136 c:\windows\system32\dxtmsft.dll + 2006-11-07 20:03 . 2011-06-21 18:37 832512 c:\windows\system32\dllcache\wininet.dll - 2006-11-07 20:03 . 2009-02-20 17:18 233472 c:\windows\system32\dllcache\webcheck.dll + 2006-11-07 20:03 . 2011-06-21 18:37 233472 c:\windows\system32\dllcache\webcheck.dll + 2006-11-07 20:03 . 2011-04-30 08:50 766464 c:\windows\system32\dllcache\vgx.dll + 2008-05-09 10:56 . 2011-03-04 06:44 434176 c:\windows\system32\dllcache\vbscript.dll + 2006-10-17 11:05 . 2011-06-21 18:37 106496 c:\windows\system32\dllcache\url.dll + 2006-10-17 11:04 . 2011-06-21 18:37 102912 c:\windows\system32\dllcache\occache.dll - 2006-10-17 11:04 . 2009-02-20 17:18 102912 c:\windows\system32\dllcache\occache.dll + 2006-04-11 11:00 . 2011-06-21 18:37 671232 c:\windows\system32\dllcache\mstime.dll - 2006-04-11 11:00 . 2009-02-20 17:18 671232 c:\windows\system32\dllcache\mstime.dll + 2006-10-17 11:05 . 2011-06-21 18:37 193024 c:\windows\system32\dllcache\msrating.dll - 2006-10-17 11:05 . 2009-02-20 17:18 193024 c:\windows\system32\dllcache\msrating.dll + 2006-11-07 20:03 . 2011-06-21 18:37 478720 c:\windows\system32\dllcache\mshtmled.dll + 2007-06-07 20:46 . 2011-06-21 18:37 468480 c:\windows\system32\dllcache\msfeeds.dll + 2008-05-09 10:56 . 2011-03-04 06:44 512000 c:\windows\system32\dllcache\jscript.dll - 2008-05-09 10:56 . 2008-05-09 10:56 512000 c:\windows\system32\dllcache\jscript.dll + 2006-10-17 11:04 . 2011-06-20 11:29 634648 c:\windows\system32\dllcache\iexplore.exe + 2007-06-07 20:46 . 2011-06-21 18:37 268288 c:\windows\system32\dllcache\iertutil.dll - 2007-06-07 20:46 . 2009-02-20 17:18 268288 c:\windows\system32\dllcache\iertutil.dll + 2006-11-07 20:03 . 2011-06-21 18:37 192512 c:\windows\system32\dllcache\iepeers.dll + 2006-04-11 11:00 . 2011-06-21 18:37 384512 c:\windows\system32\dllcache\iedkcs32.dll + 2007-06-07 20:46 . 2011-06-21 18:37 380928 c:\windows\system32\dllcache\ieapfltr.dll + 2006-04-11 11:00 . 2011-06-20 11:27 161792 c:\windows\system32\dllcache\ieakui.dll - 2006-04-11 11:00 . 2009-02-20 05:14 161792 c:\windows\system32\dllcache\ieakui.dll - 2006-04-11 11:00 . 2009-02-20 17:18 230400 c:\windows\system32\dllcache\ieaksie.dll + 2006-04-11 11:00 . 2011-06-21 18:37 230400 c:\windows\system32\dllcache\ieaksie.dll + 2006-04-11 11:00 . 2011-06-21 18:37 153088 c:\windows\system32\dllcache\ieakeng.dll - 2006-04-11 11:00 . 2009-02-20 17:18 153088 c:\windows\system32\dllcache\ieakeng.dll + 2006-04-11 11:00 . 2011-06-21 18:37 133120 c:\windows\system32\dllcache\extmgr.dll - 2006-04-11 11:00 . 2009-02-20 17:18 133120 c:\windows\system32\dllcache\extmgr.dll - 2006-10-17 10:57 . 2009-02-20 17:18 214528 c:\windows\system32\dllcache\dxtrans.dll + 2006-10-17 10:57 . 2011-06-21 18:37 214528 c:\windows\system32\dllcache\dxtrans.dll + 2006-10-17 10:58 . 2011-06-21 18:37 347136 c:\windows\system32\dllcache\dxtmsft.dll - 2006-10-17 10:58 . 2009-02-20 17:18 347136 c:\windows\system32\dllcache\dxtmsft.dll - 2006-11-07 02:26 . 2009-02-20 17:18 124928 c:\windows\system32\dllcache\advpack.dll + 2006-11-07 02:26 . 2011-06-21 18:37 124928 c:\windows\system32\dllcache\advpack.dll + 2006-04-11 11:00 . 2011-06-21 18:37 124928 c:\windows\system32\advpack.dll - 2006-04-11 11:00 . 2009-02-20 17:18 124928 c:\windows\system32\advpack.dll + 2011-09-26 08:27 . 2009-03-03 00:16 826368 c:\windows\ie7updates\KB2559049-IE7\wininet.dll + 2011-09-26 08:27 . 2009-02-20 17:18 233472 c:\windows\ie7updates\KB2559049-IE7\webcheck.dll + 2011-09-26 08:27 . 2009-02-20 17:18 105984 c:\windows\ie7updates\KB2559049-IE7\url.dll + 2011-09-26 08:27 . 2010-07-05 13:21 401272 c:\windows\ie7updates\KB2559049-IE7\spuninst\updspapi.dll + 2011-09-26 08:27 . 2010-07-05 13:21 234872 c:\windows\ie7updates\KB2559049-IE7\spuninst\spuninst.exe + 2011-09-26 08:27 . 2009-02-20 17:18 102912 c:\windows\ie7updates\KB2559049-IE7\occache.dll + 2011-09-26 08:27 . 2009-02-20 17:18 671232 c:\windows\ie7updates\KB2559049-IE7\mstime.dll + 2011-09-26 08:27 . 2009-02-20 17:18 193024 c:\windows\ie7updates\KB2559049-IE7\msrating.dll + 2011-09-26 08:27 . 2009-02-20 17:18 477696 c:\windows\ie7updates\KB2559049-IE7\mshtmled.dll + 2011-09-26 08:27 . 2009-02-20 17:18 459264 c:\windows\ie7updates\KB2559049-IE7\msfeeds.dll + 2011-09-26 08:27 . 2009-02-28 04:54 636072 c:\windows\ie7updates\KB2559049-IE7\iexplore.exe + 2011-09-26 08:27 . 2009-02-20 17:18 268288 c:\windows\ie7updates\KB2559049-IE7\iertutil.dll + 2011-09-26 08:27 . 2006-11-07 20:03 191488 c:\windows\ie7updates\KB2559049-IE7\iepeers.dll + 2011-09-26 08:27 . 2009-02-20 17:18 385024 c:\windows\ie7updates\KB2559049-IE7\iedkcs32.dll + 2011-09-26 08:27 . 2009-02-20 17:18 383488 c:\windows\ie7updates\KB2559049-IE7\ieapfltr.dll + 2011-09-26 08:27 . 2009-02-20 05:14 161792 c:\windows\ie7updates\KB2559049-IE7\ieakui.dll + 2011-09-26 08:27 . 2009-02-20 17:18 230400 c:\windows\ie7updates\KB2559049-IE7\ieaksie.dll + 2011-09-26 08:27 . 2009-02-20 17:18 153088 c:\windows\ie7updates\KB2559049-IE7\ieakeng.dll + 2011-09-26 08:27 . 2009-02-20 17:18 133120 c:\windows\ie7updates\KB2559049-IE7\extmgr.dll + 2011-09-26 08:27 . 2009-02-20 17:18 214528 c:\windows\ie7updates\KB2559049-IE7\dxtrans.dll + 2011-09-26 08:27 . 2009-02-20 17:18 347136 c:\windows\ie7updates\KB2559049-IE7\dxtmsft.dll + 2011-09-26 08:27 . 2009-02-20 17:18 124928 c:\windows\ie7updates\KB2559049-IE7\advpack.dll + 2011-09-26 08:28 . 2007-07-12 23:32 765952 c:\windows\ie7updates\KB2544521-IE7\vgx.dll + 2011-09-26 08:28 . 2010-07-05 13:21 401272 c:\windows\ie7updates\KB2544521-IE7\spuninst\updspapi.dll + 2011-09-26 08:28 . 2010-07-05 13:21 234872 c:\windows\ie7updates\KB2544521-IE7\spuninst\spuninst.exe + 2006-04-11 11:00 . 2011-06-21 18:37 1168896 c:\windows\system32\urlmon.dll + 2006-04-11 11:00 . 2011-07-22 16:30 3613696 c:\windows\system32\mshtml.dll + 2006-11-07 20:03 . 2011-06-21 18:37 6076416 c:\windows\system32\ieframe.dll + 2006-09-05 22:01 . 2010-07-05 20:32 2452872 c:\windows\system32\ieapfltr.dat + 2006-11-07 20:03 . 2011-06-21 18:37 1168896 c:\windows\system32\dllcache\urlmon.dll + 2006-11-07 20:03 . 2011-07-22 16:30 3613696 c:\windows\system32\dllcache\mshtml.dll + 2007-06-07 20:46 . 2011-06-21 18:37 6076416 c:\windows\system32\dllcache\ieframe.dll + 2007-06-07 20:46 . 2010-07-05 20:32 2452872 c:\windows\system32\dllcache\ieapfltr.dat + 2011-09-26 08:27 . 2009-02-20 17:18 1160192 c:\windows\ie7updates\KB2559049-IE7\urlmon.dll + 2011-09-26 08:27 . 2009-02-20 17:18 3595264 c:\windows\ie7updates\KB2559049-IE7\mshtml.dll + 2011-09-26 08:27 . 2009-02-20 17:18 6066176 c:\windows\ie7updates\KB2559049-IE7\ieframe.dll + 2011-09-26 08:27 . 2008-07-09 14:25 2455488 c:\windows\ie7updates\KB2559049-IE7\ieapfltr.dat . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-05-13 26192168] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-18 64512] "hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-04 458752] "High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-07-27 61952] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-04-01 761946] "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-07-11 102400] "Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-05-30 40960] "RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208] "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-20 7581696] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-20 86016] "nwiz"="nwiz.exe" [2006-07-20 1519616] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "APVXDWIN"="c:\program files\Panda Security\Panda Global Protection 2012\APVXDWIN.EXE" [2011-04-13 1000768] "SCANINICIO"="c:\program files\Panda Security\Panda Global Protection 2012\Inicio.exe" [2011-02-02 70464] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ HP Photosmart Premier Snelstart.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-9-24 73728] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2000-8-6 69632] TMMonitor.lnk - c:\program files\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2010-6-24 258048] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr] 2010-03-24 10:55 55552 ----a-w- c:\windows\system32\avldr.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\SopCast\\adv\\SopAdver.exe"= "c:\\Program Files\\SopCast\\SopCast.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Vuze\\Azureus.exe"= . R2 PskSvcRetail;Panda PSK service;c:\program files\Panda Security\Panda Global Protection 2012\psksvc.exe [3-9-2011 11:30 28992] S0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [3-9-2011 11:30 26696] S1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [3-9-2011 11:30 83528] S1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [3-9-2011 11:30 53256] S1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [3-9-2011 11:30 22024] S1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [3-9-2011 11:30 193864] S1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [3-9-2011 11:30 159112] S1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [3-9-2011 11:29 37448] S1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [3-9-2011 11:30 46856] S2 AmFSM;AmFSM;c:\windows\system32\drivers\amm8651.sys [3-9-2011 11:29 59080] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [31-1-2010 23:36 135664] S2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [3-9-2011 11:29 163848] S3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?] S3 ComFiltr;Panda Anti-Dialer;c:\windows\system32\drivers\COMFiltr.sys [3-9-2011 11:36 13880] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [31-1-2010 23:36 135664] S3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;c:\windows\system32\drivers\neti1644.sys [3-9-2011 11:29 201032] S3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\PavSRK.sys --> c:\windows\system32\PavSRK.sys [?] S3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?] S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [5-5-2011 20:28 27064] S3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\drivers\RTL2832U_IRHID.sys [24-6-2010 20:47 41120] S3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [24-6-2010 20:47 74912] S3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\drivers\RTL2832UUSB.sys [24-6-2010 20:47 32288] . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - MDMXSDK . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . Inhoud van de 'Gedeelde Taken' map . 2011-09-20 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] . 2011-09-17 c:\windows\Tasks\Basis-opruiming.job - c:\program files\Panda Security\Panda Global Protection 2012\PlaTasks.exe [2011-09-03 12:23] . 2011-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 21:36] . 2011-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 21:36] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1205961512&rver=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855 uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\o2mvlgsk.default\ FF - prefs.js: browser.startup.homepage - hxxps://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1205961512&rver=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855 FF - prefs.js: network.proxy.type - 0 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-09-26 12:12 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????????<?@? ????f??????Y?@?????<?@ . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,48,ba,00,1a,94,08,65,46,ae,c3,0f,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,48,ba,00,1a,94,08,65,46,ae,c3,0f,\ . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(256) c:\windows\system32\avldr.dll . Voltooingstijd: 2011-09-26 12:13:26 ComboFix-quarantined-files.txt 2011-09-26 10:13 ComboFix2.txt 2011-09-26 08:16 . Pre-Run: 38.615.814.144 bytes beschikbaar Post-Run: 38.601.396.224 bytes beschikbaar . - - End Of File - - E035D72AE853D9ADD0522DA438C8F69C Dank, groetjes Holly
Link naar reactie
  • 0
Het lijkt nu rustiger zo op het eerste ogenblik. De pc blaast nog een beetje, maar niet meer zo'n erg protest als eerder en als zonet! En de Combofix runde wel goed in de Save Modus gelukkig, daar was ik blij om. De Adobe wil nog steeds installeren, gewoon negeren? De Toolbar van Vuze krijg ik ook niet weg, heb gezocht in de Software, maar daar staat ie niet bij. En onderaan bij de blauwe balk stond een figuurtje met een lettercombinatie, dat was iets voor het toetsenbord geloof ik,....die zijn weg valt me op, is dat erg? Kan er nog iets aan bovenstaande doen of is dat niet ernstig? Dank! Groetjes Holly
Link naar reactie
  • 0
ok, hier het HJT-log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:32:16, on 26-9-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17099) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Security\Panda Global Protection 2012\TPSrv.exe C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2012\WebProxy.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Panda Security\Panda Global Protection 2012\PsCtrls.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Panda Security\Panda Global Protection 2012\PavFnSvr.exe C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe C:\WINDOWS\System32\svchost.exe c:\program files\panda security\panda global protection 2012\firewall\PSHOST.EXE C:\Program Files\Panda Security\Panda Global Protection 2012\PsImSvc.exe C:\Program Files\Panda Security\Panda Global Protection 2012\PskSvc.exe C:\Program Files\Panda Security\Panda Global Protection 2012\pavsrvx86.exe C:\Program Files\Panda Security\Panda Global Protection 2012\AVENGINE.EXE C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac C:\Program Files\Panda Security\Panda Global Protection 2012\APVXDWIN.EXE C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Panda Security\Panda Global Protection 2012\SRVLOAD.EXE C:\Program Files\Panda Security\Panda Global Protection 2012\PavBckPT.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1205961512&rver=4.5.2130.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Global Protection 2012\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Global Protection 2012\Inicio.exe" O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Photosmart Premier Snelstart.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe O4 - Global Startup: TMMonitor.lnk = C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_NL&c=64&bd=pavilion&pf=laptop O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos-beta/OnlineScanner.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2012\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files\Panda Security\Panda Global Protection 2012\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2012\pavsrvx86.exe O23 - Service: Panda Host Service (PSHost) - Unknown owner - c:\program files\panda security\panda global protection 2012\firewall\PSHOST.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Global Protection 2012\PsImSvc.exe O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2012\PskSvc.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Global Protection 2012\TPSrv.exe -- End of file - 11294 bytes Groetjes Holly
Link naar reactie
  • 0
Waarom zit er nog steeds IE7 in jouw Windows XP? En doe eens het volgende: ga naar [b:af91de5d53]Start /Uitvoeren[/b:af91de5d53] en typ [b:af91de5d53]sfc /scannow[/b:af91de5d53] gevolgd door klikken op [b:af91de5d53]OK[/b:af91de5d53] of indrukken van de Entertoets. Denk wel aan de spatie na 'sfc'. SFC houdt in dat systeembestanden gecontroleerd worden op juist funktioneren; laat eten of er mogelijk reparaties moeten gebeuren?
Link naar reactie
  • 0
Ik heb een paar keer IE8 gepoogd te installeren als update op IE7. Kreeg daar eerst meldingen op dat het alleen voor Vista en Windows7 zou zijn, daarna lukte het wel IE8 voor XP te vinden, maar toen deed mijn GP12 moeilijk...dus heb ik het laten liggen, omdat ik meestal MozillaFirefox gebruik :( niet zo handig dus begrijp ik? De Windowsbestandbeveilging geeft een pop-up van een cd-rom voor dll bestanden voor servicepack 3, maar ik heb geen cd-rom ervan. Dat stond al op de pc bij aanschaf. Heb wel ergens opstartschijven voor als iets mis gaat. Ik kan bij de pop-up kiezen voor 'opnieuw' , 'meer informatie' of 'annuleren', maar ik heb geen cd-rom. Hoe dien ik dit te doen? Groetjes Holly
Link naar reactie

Doe mee aan dit gesprek

Je kunt dit nu plaatsen en later registreren. Indien je reeds een account hebt, log dan nu in om het bericht te plaatsen met je account.

Gast
Antwoord op deze vraag...

×   Geplakt als verrijkte tekst.   Plak in plaats daarvan als platte tekst

  Er zijn maximaal 75 emoji toegestaan.

×   Je link werd automatisch ingevoegd.   Tonen als normale link

×   Je vorige inhoud werd hersteld.   Leeg de tekstverwerker

×   Je kunt afbeeldingen niet direct plakken. Upload of voeg afbeeldingen vanaf een URL in


×
×
  • Nieuwe aanmaken...